CVE-2004-0883

Severity

64%

Complexity

99%

Confidentiality

81%

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

CVSS 2.0 Base Score 6.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P).

Overview

First reported 20 years ago

2005-01-10 05:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Linux Kernel 2.4.0

2.4.0

Linux Kernel 2.4.0 test1

2.4.0

Linux Kernel 2.4.0 test10

2.4.0

Linux Kernel 2.4.0 test11

2.4.0

Linux Kernel 2.4.0 test12

2.4.0

Linux Kernel 2.4.0 test2

2.4.0

Linux Kernel 2.4.0 test3

2.4.0

Linux Kernel 2.4.0 test4

2.4.0

Linux Kernel 2.4.0 test5

2.4.0

Linux Kernel 2.4.0 test6

2.4.0

Linux Kernel 2.4.0 test7

2.4.0

Linux Kernel 2.4.0 test8

2.4.0

Linux Kernel 2.4.0 test9

2.4.0

Linux Kernel 2.4.1

2.4.1

Linux Kernel 2.4.2

2.4.2

Linux Kernel 2.4.3

2.4.3

Linux Kernel 2.4.4

2.4.4

Linux Kernel 2.4.5

2.4.5

Linux Kernel 2.4.6

2.4.6

Linux Kernel 2.4.7

2.4.7

Linux Kernel 2.4.8

2.4.8

Linux Kernel 2.4.9

2.4.9

Linux Kernel 2.4.10

2.4.10

Linux Kernel 2.4.11

2.4.11

Linux Kernel 2.4.12

2.4.12

Linux Kernel 2.4.13

2.4.13

Linux Kernel 2.4.14

2.4.14

Linux Kernel 2.4.15

2.4.15

Linux Kernel 2.4.16

2.4.16

Linux Kernel 2.4.17

2.4.17

Linux Kernel 2.4.18

2.4.18

Linux Kernel 2.4.18 pre1

2.4.18

Linux Kernel 2.4.18 pre2

2.4.18

Linux Kernel 2.4.18 pre3

2.4.18

Linux Kernel 2.4.18 pre4

2.4.18

Linux Kernel 2.4.18 pre5

2.4.18

Linux Kernel 2.4.18 pre6

2.4.18

Linux Kernel 2.4.18 pre7

2.4.18

Linux Kernel 2.4.18 pre8

2.4.18

Linux Kernel 2.4.19

2.4.19

Linux Kernel 2.4.19 pre1

2.4.19

Linux Kernel 2.4.19 pre2

2.4.19

Linux Kernel 2.4.19 pre3

2.4.19

Linux Kernel 2.4.19 pre4

2.4.19

Linux Kernel 2.4.19 pre5

2.4.19

Linux Kernel 2.4.19 pre6

2.4.19

Linux Kernel 2.4.20

2.4.20

Linux Kernel 2.4.21

2.4.21

Linux Kernel 2.4.21 pre1

2.4.21

Linux Kernel 2.4.21 pre4

2.4.21

Linux Kernel 2.4.21 pre7

2.4.21

Linux Kernel 2.4.22

2.4.22

Linux Kernel 2.4.23

2.4.23

Linux Kernel 2.4.23 pre9

2.4.23

Linux Kernel 2.4.24

2.4.24

Linux Kernel 2.4.25

2.4.25

Linux Kernel 2.4.26

2.4.26

Linux Kernel 2.4.27

2.4.27

Linux Kernel 2.4.27 pre1

2.4.27

Linux Kernel 2.4.27 pre2

2.4.27

Linux Kernel 2.4.27 pre3

2.4.27

Linux Kernel 2.4.27 pre4

2.4.27

Linux Kernel 2.4.27 pre5

2.4.27

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6 test1

2.6.0

Linux Kernel 2.6 test10

2.6.0

Linux Kernel 2.6 test11

2.6.0

Linux Kernel 2.6 test2

2.6.0

Linux Kernel 2.6 test3

2.6.0

Linux Kernel 2.6 test4

2.6.0

Linux Kernel 2.6 test5

2.6.0

Linux Kernel 2.6 test6

2.6.0

Linux Kernel 2.6 test7

2.6.0

Linux Kernel 2.6 test8

2.6.0

Linux Kernel 2.6 test9

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.1 Release Candidate 1

2.6.1

Linux Kernel 2.6.1 Release Candidate 2

2.6.1

Linux Kernel 2.6.2

2.6.2

Linux Kernel 2.6.3

2.6.3

Linux Kernel 2.6.4

2.6.4

Linux Kernel 2.6.5

2.6.5

Linux Kernel 2.6.6

2.6.6

Linux Kernel 2.6.6 Release Candidate 1

2.6.6

Linux Kernel 2.6.7

2.6.7

Linux Kernel 2.6.7 Release Candidate 1

2.6.7

Linux Kernel 2.6.8

2.6.8

Linux Kernel 2.6.8 Release Candidate 1

2.6.8

Linux Kernel 2.6.8 Release Candidate 2

2.6.8

Linux Kernel 2.6.8 Release Candidate 3

2.6.8

Red Hat Desktop 3.0

3.0

SuSE SuSE Linux 8.1

8.1

SuSE SuSE Linux 8.2

8.2

SuSE SuSE Linux 9.0

9.0

SuSE SuSE Linux 9.1

9.1

SuSE SuSE Linux 9.2

9.2

Trustix Secure Linux 1.5

1.5

Trustix Secure Linux 2.0

2.0

Trustix Secure Linux 2.1

2.1

Trustix Secure Linux 2.2

2.2

References

20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities

20041118 [USN-30-1] Linux kernel vulnerabilities

13232

20162

20163

20202

20338

http://security.e-matters.de/advisories/142004.html

DSA-1067

DSA-1069

DSA-1070

DSA-1082

VU#726198

US Government Resource

MDKSA-2005:022

RHSA-2004:504

RHSA-2004:505

RHSA-2004:537

Patch, Vendor Advisory

11695

Patch, Vendor Advisory

FLSA:2336

linux-smb-response-dos(18134)

linux-smbprocreadxdata-dos(18135)

linux-smbreceivetrans2-dos(18136)

oval:org.mitre.oval:def:10330

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.