CVE-2004-0686 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Samba

7 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

11.6%

top 6.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Trustix Secure Linux

Timeline

PublishedJul 27

Latest updateApr 29

Description

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDsamba/samba2.2.0 — 2.2.10+1

▶Debiansamba/samba< 3.0.5+3

▶NVDtrustix/secure_linux1.5, 2.0, 2.1+2

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-7c6c-h82r-p2cf: Buffer overflow in Samba 2↗2022-04-29

▶

OSV

CVE-2004-0686: Buffer overflow in Samba 2↗2004-07-27

▶

CVEList

CVE-2004-0686: Buffer overflow in Samba 2↗2004-07-23

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-07-22

▶

Debian

CVE-2004-0686: samba - Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling ...↗2004

▶

💬Community

Bugzilla

CVE-2004-0686 security flaw↗2018-08-16

▶