Vulnerability Name:

CVE-2000-0843 (CCN-5225)

Assigned: 2000-09-11
Published: 2000-09-11
Updated: 2008-09-05
Summary: Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allows remote attackers to execute arbitrary commands via a login with a long user name.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References: Source: BUGTRAQ
Type: UNKNOWN
20000910 (SRADV00002) Remote root compromise through pam_smb and pam_ntdom

Source: BUGTRAQ
Type: UNKNOWN
20000911 Conectiva Linux Security Announcement - pam_smb

Source: CCN
Type: Conectiva Linux Announcement CLSA-2000:315
pam_smb: Buffer overflow

Source: MITRE
Type: CNA
CVE-2000-0843

Source: DEBIAN
Type: Patch, Vendor Advisory
20000911 libpam-smb: remote root exploit

Source: DEBIAN
Type: Debian Security Advisory 20000911
libpam-smb: remote root exploit

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2000:047

Source: SUSE
Type: UNKNOWN
20000913 pam_smb remotely exploitable buffer overflow

Source: CCN
Type: OSVDB ID: 416
pam_smb / pam_ntdom User Name Remote Overflow

Source: CCN
Type: Secure Reality Pty Ltd. Security Advisory #02 (SRADV00002)
Remote root compromise through pam_smb and pam_ntdom

Source: BID
Type: Patch, Vendor Advisory
1666

Source: CCN
Type: BID-1666
NT Authentication PAM Modules Buffer Overflow Vulnerability

Source: CCN
Type: BID-1850
pam_mysql Authentication Input Validation Vulnerability

Source: CCN
Type: SuSE Security Announcement, September 13th, 2000 18:00 MEST
pam_smb

Source: CCN
Type: MandrakeSoft Security Advisory MDKSA-2000:047
pam_smb and pam_ntdom

Source: XF
Type: UNKNOWN
pam-authentication-bo(5225)

Vulnerable Configuration: Configuration 1:
  • cpe:/a:dave_airlie:pam_smb:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:luke_kenneth_casson_leighton:pam_ntdom:0.23:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:dave_airlie:pam_smb:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:dave_airlie:pam_smb:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:dave_airlie:pam_smb:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:dave_airlie:pam_smb:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:dave_airlie:pam_smb:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:dave_airlie:pam_smb:1.1.5:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    dave_airlie pam smb 1.1.5
    luke_kenneth_casson_leighton pam ntdom 0.23
    dave_airlie pam smb 1.1
    dave_airlie pam smb 1.1.1
    dave_airlie pam smb 1.1.2
    dave_airlie pam smb 1.1.3
    dave_airlie pam smb 1.1.4
    dave_airlie pam smb 1.1.5