CVE-2004-0949

Severity

64%

Complexity

99%

Confidentiality

81%

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

CVSS 2.0 Base Score 6.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N).

Overview

First reported 20 years ago

2005-01-10 05:00:00

Last updated 7 years ago

2017-10-11 01:29:00

Affected Software

Linux Kernel 2.4.0

2.4.0

Linux Kernel 2.4.0 test1

2.4.0

Linux Kernel 2.4.0 test10

2.4.0

Linux Kernel 2.4.0 test11

2.4.0

Linux Kernel 2.4.0 test12

2.4.0

Linux Kernel 2.4.0 test2

2.4.0

Linux Kernel 2.4.0 test3

2.4.0

Linux Kernel 2.4.0 test4

2.4.0

Linux Kernel 2.4.0 test5

2.4.0

Linux Kernel 2.4.0 test6

2.4.0

Linux Kernel 2.4.0 test7

2.4.0

Linux Kernel 2.4.0 test8

2.4.0

Linux Kernel 2.4.0 test9

2.4.0

Linux Kernel 2.4.1

2.4.1

Linux Kernel 2.4.2

2.4.2

Linux Kernel 2.4.3

2.4.3

Linux Kernel 2.4.4

2.4.4

Linux Kernel 2.4.5

2.4.5

Linux Kernel 2.4.6

2.4.6

Linux Kernel 2.4.7

2.4.7

Linux Kernel 2.4.8

2.4.8

Linux Kernel 2.4.9

2.4.9

Linux Kernel 2.4.10

2.4.10

Linux Kernel 2.4.11

2.4.11

Linux Kernel 2.4.12

2.4.12

Linux Kernel 2.4.13

2.4.13

Linux Kernel 2.4.14

2.4.14

Linux Kernel 2.4.15

2.4.15

Linux Kernel 2.4.16

2.4.16

Linux Kernel 2.4.17

2.4.17

Linux Kernel 2.4.18

2.4.18

Linux Kernel 2.4.18 pre1

2.4.18

Linux Kernel 2.4.18 pre2

2.4.18

Linux Kernel 2.4.18 pre3

2.4.18

Linux Kernel 2.4.18 pre4

2.4.18

Linux Kernel 2.4.18 pre5

2.4.18

Linux Kernel 2.4.18 pre6

2.4.18

Linux Kernel 2.4.18 pre7

2.4.18

Linux Kernel 2.4.18 pre8

2.4.18

Linux Kernel 2.4.19

2.4.19

Linux Kernel 2.4.19 pre1

2.4.19

Linux Kernel 2.4.19 pre2

2.4.19

Linux Kernel 2.4.19 pre3

2.4.19

Linux Kernel 2.4.19 pre4

2.4.19

Linux Kernel 2.4.19 pre5

2.4.19

Linux Kernel 2.4.19 pre6

2.4.19

Linux Kernel 2.4.20

2.4.20

Linux Kernel 2.4.21

2.4.21

Linux Kernel 2.4.21 pre1

2.4.21

Linux Kernel 2.4.21 pre4

2.4.21

Linux Kernel 2.4.21 pre7

2.4.21

Linux Kernel 2.4.22

2.4.22

Linux Kernel 2.4.23

2.4.23

Linux Kernel 2.4.23 pre9

2.4.23

Linux Kernel 2.4.24

2.4.24

Linux Kernel 2.4.25

2.4.25

Linux Kernel 2.4.26

2.4.26

Linux Kernel 2.4.27

2.4.27

Linux Kernel 2.4.27 pre1

2.4.27

Linux Kernel 2.4.27 pre2

2.4.27

Linux Kernel 2.4.27 pre3

2.4.27

Linux Kernel 2.4.27 pre4

2.4.27

Linux Kernel 2.4.27 pre5

2.4.27

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6 test1

2.6.0

Linux Kernel 2.6 test10

2.6.0

Linux Kernel 2.6 test11

2.6.0

Linux Kernel 2.6 test2

2.6.0

Linux Kernel 2.6 test3

2.6.0

Linux Kernel 2.6 test4

2.6.0

Linux Kernel 2.6 test5

2.6.0

Linux Kernel 2.6 test6

2.6.0

Linux Kernel 2.6 test7

2.6.0

Linux Kernel 2.6 test8

2.6.0

Linux Kernel 2.6 test9

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.1 Release Candidate 1

2.6.1

Linux Kernel 2.6.1 Release Candidate 2

2.6.1

Linux Kernel 2.6.2

2.6.2

Linux Kernel 2.6.3

2.6.3

Linux Kernel 2.6.4

2.6.4

Linux Kernel 2.6.5

2.6.5

Linux Kernel 2.6.6

2.6.6

Linux Kernel 2.6.6 Release Candidate 1

2.6.6

Linux Kernel 2.6.7

2.6.7

Linux Kernel 2.6.7 Release Candidate 1

2.6.7

Linux Kernel 2.6.8

2.6.8

Linux Kernel 2.6.8 Release Candidate 1

2.6.8

Linux Kernel 2.6.8 Release Candidate 2

2.6.8

Linux Kernel 2.6.8 Release Candidate 3

2.6.8

Red Hat Desktop 3.0

3.0

SuSE SuSE Linux 8.1

8.1

SuSE SuSE Linux 8.2

8.2

SuSE SuSE Linux 9.0

9.0

SuSE SuSE Linux 9.1

9.1

SuSE SuSE Linux 9.2

9.2

Trustix Secure Linux 1.5

1.5

Trustix Secure Linux 2.0

2.0

Trustix Secure Linux 2.1

2.1

Trustix Secure Linux 2.2

2.2

References

20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities

13232

20162

20163

20202

20338

http://security.e-matters.de/advisories/142004.html

DSA-1067

DSA-1069

DSA-1070

DSA-1082

MDKSA-2005:022

RHSA-2004:504

RHSA-2004:505

RHSA-2004:537

Patch, Vendor Advisory

11695

Patch, Vendor Advisory

2004-0061

FLSA:2336

linux-smbrecvtrans2-memory-leak(18137)

oval:org.mitre.oval:def:10360

USN-30-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.