CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.8%
Added: 06/02/2006
CVE: CVE-2003-0201
BID: 7294
OSVDB: 4469
Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems.
A buffer overflow in the **call_trans2open**
function allows anonymous remote attackers to execute arbitrary commands.
Upgrade to Samba 2.2.8a or higher.
<http://www.kb.cert.org/vuls/id/267873>
<http://archives.neohapsis.com/archives/bugtraq/2003-04/0100.html>
Exploit works on Samba 2.2.x.
Linux
FreeBSD
SunOS / SunOS 5 / SunOS 5.9 / Solaris 9
SunOS / SunOS 5 / SunOS 5.7 / SunOS 5.8 / Solaris 7 / Solaris 8
SunOS / SunOS 5 / SunOS 5.6 / Solaris 2.6
Mac OS