Definition

HP-Samba DACL Remote Integer Overflow Vulnerability (CIFS A.02)

oval:org.mitre.oval:def:642

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Family:

unix

Status:

ACCEPTED

Platform(s):

HP-UX 11

Class:

vulnerability

Reference(s):

CVE-2004-1154

Product(s):

Samba