Oval Definition:oval:org.mitre.oval:def:1459
Revision Date:2006-03-09Version:17
Title:HP-Samba DACL Remote Integer Overflow Vulnerability (CIFS A.01)
Description:Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-1154
Platform(s):HP-UX 11
Product(s):Samba
Definition Synopsis
  • 700 Series or 800 Series OS Release 11.00, 11.11, 11.22, or 11.23
  • 700 Series or 800 Series OS Release 11.00
  • 700 Series OS Release 11.00
  • 700-series HP
  • AND HP Release B.11.00
  • OR 800 Series OS Release 11.00
  • 800-series HP
  • AND HP Release B.11.00
  • OR 700 Series or 800 Series OS Release 11.11
  • 700 Series OS Release 11.11
  • 700-series HP
  • AND HP Release B.11.11
  • OR 800 Series OS Release 11.11
  • 800-series HP
  • AND HP Release B.11.11
  • OR 700 Series or 800 Series OS Release 11.22
  • 700 Series OS Release 11.22
  • 700-series HP
  • AND HP Release B.11.22
  • OR 800 Series OS Release 11.22
  • 800-series HP
  • AND HP Release B.11.22
  • OR 700 Series or 800 Series OS Release 11.23
  • 700 Series OS Release 11.23
  • 700-series HP
  • AND HP Release B.11.23
  • OR 800 Series OS Release 11.23
  • 800-series HP
  • AND HP Release B.11.23
  • AND Any of the CIFS components has a version less than A.01.11.04
  • CIFS-Server.CIFS-RUN with version less than A.01.11.04 is installed
  • OR CIFS-Server.CIFS-UTIL with version less than A.01.11.04 is installed
  • OR CIFS-Server.CIFS-ADMIN with version less than A.01.11.04 is installed
  • OR CIFS-Server.CIFS-LIB with version less than A.01.11.04 is installed
    • BACK