Buffer Overflow Vulnerability in Samba by Samba Team
CVE-2003-0201

Currently unrated

Key Information:

Vendor

Samba

Status
Samba
Samba-tng
Vendor
CVE Published:
5 May 2003
🔔 Create Samba Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 71%

What is CVE-2003-0201?

A buffer overflow exists in the call_trans2open function of trans2.c for various versions of Samba, including 2.2.x prior to 2.2.8a and earlier 2.0.x versions, as well as Samba-TNG prior to 0.3.2. This vulnerability allows remote attackers to execute arbitrary code on affected systems, posing a significant security risk. Administrators are urged to upgrade to patched versions or implement mitigation strategies to safeguard their environments against potential exploitation.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2003-0201
Created by Rapid7

Metasploit exploit module for CVE-2003-0201
Created by Rapid7

trans2open-CVE-2003-0201
Created by KernelPan1k

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...
vendor-advisoryx_refsource_CONECTIVA
http://marc.info/?l=bugtraq&m=104981682014565&w=2
mailing-listx_refsource_BUGTRAQ
ftp://patches.sgi.com/support/free/security/advisories/20...
vendor-advisoryx_refsource_SGI

EPSS Score

71% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.