FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0686

This CVE name corresponds to:

Entered Topic
2004-07-21 Multiple Potential Buffer Overruns in Samba

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0686 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0686
Phase Assigned(20040713)

Description

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

References

Source Reference
BUGTRAQ 20040722 Security Release - Samba 3.0.5 and 2.2.10
CONECTIVA CLA-2004:851
CONECTIVA CLA-2004:854
FEDORA FLSA:2102
GENTOO GLSA-200407-21
HP SSRT4782
MANDRAKE MDKSA-2004:071
REDHAT RHSA-2004:259
SUNALERT 101584
SUNALERT 57664
SUSE SUSE-SA:2004:022
TRUSTIX 2004-0039
BUGTRAQ 20040722 [OpenPKG-SA-2004.033] OpenPKG Security Advisory (samba)
BUGTRAQ 20040722 TSSA-2004-014 - samba
OVAL oval:org.mitre.oval:def:10461
XF samba-mangling-method-bo(16786)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.