Test ID:	1.3.6.1.4.1.25623.1.0.150714
Category:	Buffer overflow
Title:	Samba 2.2.2 <= 2.2.6 Vulnerability (CVE-2003-0085)
Summary:	Samba is prone to a buffer overflow vulnerability.
Description:	Summary: Samba is prone to a buffer overflow vulnerability. Vulnerability Insight: There was a bug in the length checking for encrypted password change requests from clients. A client could potentially send an encrypted password, which, when decrypted with the old hashed password could be used as a buffer overrun attack on the stack of smbd. The attach would have to be crafted such that converting a DOS codepage string to little endian UCS2 unicode would translate into an executable block of code. All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable to this problem. This version of Samba 2.2.7 contains a fix for this problem. Earlier versions of Samba are not vulnerable. There is no known exploit or exploit code for this vulnerability, it was discovered by a code audit by Debian Samba maintainers. Affected Software/OS: Samba versions 2.2.2 through 2.2.6. Solution: Update to version 2.2.7a or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0085 http://www.securityfocus.com/archive/1/316165/30/25370/threaded BugTraq ID: 7106 http://www.securityfocus.com/bid/7106 Bugtraq: 20030317 GLSA: samba (200303-11) (Google Search) http://marc.info/?l=bugtraq&m=104792646416629&w=2 Bugtraq: 20030317 Security Bugfix for Samba - Samba 2.2.8 Released (Google Search) http://marc.info/?l=bugtraq&m=104792723017768&w=2 Bugtraq: 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=104801012929374&w=2 Bugtraq: 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL (Google Search) Bugtraq: 20030401 Immunix Secured OS 7+ samba update (Google Search) http://www.securityfocus.com/archive/1/317145/30/25220/threaded CERT/CC vulnerability note: VU#298233 http://www.kb.cert.org/vuls/id/298233 Debian Security Information: DSA-262 (Google Search) http://www.debian.org/security/2003/dsa-262 http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml Immunix Linux Advisory: IMNX-2003-7+-003-01 http://www.mandriva.com/security/advisories?name=MDKSA-2003:032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552 http://www.redhat.com/support/errata/RHSA-2003-095.html http://www.redhat.com/support/errata/RHSA-2003-096.html http://secunia.com/advisories/8299 http://secunia.com/advisories/8303 SGI Security Advisory: 20030302-01-I ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I SuSE Security Announcement: SuSE-SA:2003:016 (Google Search) http://www.novell.com/linux/security/advisories/2003_016_samba.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.