Info

Last Modified

about 1 year ago

Percent Complete

Disclosure

Nov 15, 2004

Discovery

Sep 24, 2004

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 5% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

No Keywords

Description

(Description Provided by CVE) : Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.

Classification

Attack Type: Input Manipulation

Products

Unknown or Incomplete

References

Security Tracker: 1012235
Secunia Advisory ID: 13189 13210 13219 13240 13336 13429
ISS X-Force ID: 18070
CVE ID: 2004-0882 (see also: NVD)
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:136
Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P.asc http://security.e-matters.de/advisories/132004.html
http://www.suse.de/de/security/announcements/../2004_40_samba.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-11/0195.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0492.html
CIAC Advisory: p-038
RedHat RHSA: RHSA-2004:632-17

Tools & Filters

Nessus	15696 15705 15726 15741 15769 15847 15848 19169 20644 20646

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches