CVE-2004-0186
published 2004-03-15

Priority: P430, high, 7.2 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.59% (72.7th percentile)

smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

Affected

10 ranges
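| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| debian | samba | < samba 3.0.2-2 (bookworm) | samba 3.0.2-2 (bookworm) |
| linux | linux_kernel | | |
| linux | linux_kernel | | |
| linux | linux_kernel | | |
| samba | samba | | |
| samba | samba | | |
| samba | samba | >= 0 < 3.0.2-2 | 3.0.2-2 |
| samba | samba | >= 0 < 3.0.2-2 | 3.0.2-2 |
| samba | samba | >= 0 < 3.0.2-2 | 3.0.2-2 |
| samba | samba | >= 0 < 3.0.2-2 | 3.0.2-2 |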

CVSS provenance

nvd: v2.0, 7.2 HIGH, AV:L/AC:L/Au:N/C:C/I:C/A:C
osv: 7.2 HIGH
vendor_debian: 7.2 HIGH