Remote Code Execution Vulnerability in Samba Filesystem on Linux Kernel
CVE-2004-0949

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Linux; Linux Kernel; Enterprise Linux; Fedora Core
Vendor: CVE Published:; 10 January 2005

Summary

The smb_recv_trans2 function in the Samba filesystem on Linux kernels 2.4 and 2.6 improperly processes fragmented packets. This flaw could enable remote Samba servers to exploit the system, potentially gaining access to sensitive kernel information or manipulating internal counters by resending parts of fragmented packets. This vulnerability raises significant concerns regarding system integrity and data security.

References

http://secunia.com/advisories/20163

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/11695

vdb-entryx_refsource_BID

http://www.debian.org/security/2006/dsa-1082

vendor-advisoryx_refsource_DEBIAN

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Oct 12, 2004