FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2003-0686

This CVE name corresponds to:

Entered Topic
2003-10-25 Buffer overflow in pam_smb password handling

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2003-0686
Phase Assigned (20030814)

Description

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.

References

Source Reference
CONFIRM http://us2.samba.org/samba/ftp/pam_smb/
CONECTIVA CLA-2003:734
DEBIAN DSA-374
REDHAT RHSA-2003:261
REDHAT RHSA-2003:262
TURBO TLSA-2003-50
SUSE SuSE-SA:2003:036
BUGTRAQ 20030901 GLSA: pam_smb (200309-01)
CERT-VN VU#680260
OVAL oval:org.mitre.oval:def:469
SECUNIA 9611