Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2003-0201 | First vendor Publication | 2003-05-05 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:2163 | |||
Oval ID: | oval:org.mitre.oval:def:2163 | ||
Title: | Samba call_trans2open() Buffer Overflow | ||
Description: | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0201 | Version: | 3 |
Platform(s): | Sun Solaris 9 | Product(s): | Samba |
Definition Id: oval:org.mitre.oval:def:567 | |||
Oval ID: | oval:org.mitre.oval:def:567 | ||
Title: | BO in Samba call_trans2open Function | ||
Description: | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0201 | Version: | 4 |
Platform(s): | Red Hat Linux 9 | Product(s): | Samba, Samba-TNG |
SAINT Exploits
Description | Link |
---|---|
Samba call_trans2open buffer overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 280-1 (samba) File : nvt/deb_280_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
4469 | Samba trans2.c call_trans2open() Function Overflow: Samba contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a flaw in trans2.c, where the call_trans2open() function does not properly sanitize user input. If an attacker supplies an overly long string to the pname variable, they may be able to overflow the buffer and execute arbitrary code with the privileges of the server. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | SMB Trans2 OPEN2 unicode maximum param count overflow attempt RuleID : 2103-community - Revision : 16 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 unicode maximum param count overflow attempt RuleID : 2103 - Revision : 16 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt RuleID : 11964 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 andx maximum param count overflow attempt RuleID : 11963 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt RuleID : 11962 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt RuleID : 11961 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt RuleID : 11960 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 andx maximum param count overflow attempt RuleID : 11959 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 unicode maximum param count overflow attempt RuleID : 11958 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 maximum param count overflow attempt RuleID : 11957 - Revision : 4 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt RuleID : 11956 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB-DS Trans2 OPEN2 maximum param count overflow attempt RuleID : 11955 - Revision : 5 - Type : NETBIOS |
2014-01-10 | SMB Trans2 OPEN2 maximum param count overflow attempt RuleID : 11945 - Revision : 4 - Type : NETBIOS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-280.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-044.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch. File : suse_SA_2003_025.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-138.nasl - Type : ACT_GATHER_INFO |
2003-04-07 | Name : Arbitrary code may be run on the remote server. File : samba_trans2open_overflow.nasl - Type : ACT_ATTACK |