CVE-2004-1154 in Samba
Résumé (Anglaise)
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Réserver
07/12/2004
Divulgation
10/01/2005
Statut
Confirmé
Entrées
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnérabilité | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 1066 | GNU Samba smbd Security Descriptor buffer overflow | 122 | Preuve de concept | Correctif officiel | CVE-2004-1154 |