Buffer Overflow in Samba 3.0.x-3.0.7 allows Remote Code Execution
CVE-2004-0882

Currently unrated

Key Information:

Vendor: Samba
Status: Samba; Linux
Vendor: CVE Published:; 27 January 2005

What is CVE-2004-0882?

The vulnerability in the Samba software affects versions 3.0.0 through 3.0.7, introducing a buffer overflow in the QFILEPATHINFO request handler. By sending carefully crafted TRANSACT2_QFILEPATHINFO requests with a small maximum data bytes value, an attacker could exploit this flaw to execute arbitrary code on the affected systems, potentially leading to unauthorized access and control over sensitive data.

References

http://securitytracker.com/id?1012235

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=110055646329581&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=110330519803655&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

33% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2005
Vulnerability Reserved
Sep 22, 2004