Vulnerability Name:

CVE-2003-1332 (CCN-12749)

Assigned:2003-07-27
Published:2003-07-27
Updated:2017-07-29
Summary:Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2003-0201

Source: MITRE
Type: CNA
CVE-2003-1332

Source: CCN
Type: RHSA-2003-096
samba security update

Source: CCN
Type: RHSA-2003-137
New samba packages fix security vulnerability

Source: CCN
Type: RHSA-2003-138
samba security update

Source: CCN
Type: RHSA-2003-226
Updated samba packages fix security vulnerabilities

Source: CCN
Type: Samba Web site
Samba - opening Windows to a wider world

Source: DEBIAN
Type: DSA-280
samba -- buffer overflow

Source: CCN
Type: US-CERT VU#267873
Samba contains multiple buffer overflows

Source: CCN
Type: OpenPKG-SA-2003.028
Samba

Source: REDHAT
Type: UNKNOWN
RHSA-2003:096

Source: CCN
Type: SecuriTeam Mailing List, Security Holes & Exploits 28 Jul 2003
Samba reply_nttrans() Remote Root Exploit

Source: MISC
Type: Exploit
http://www.securiteam.com/exploits/5TP0M2AAKS.html

Source: CCN
Type: BID-7294
Samba call_trans2open Remote Buffer Overflow Vulnerability

Source: CCN
Type: TLSA-2003-27
Vulnerabilities are in the samba SMB protocol implementation

Source: XF
Type: UNKNOWN
samba-reply-nttrans-bo(12749)

Source: XF
Type: UNKNOWN
samba-reply-nttrans-bo(12749)

Source: CCN
Type: metasploit-framework GIT Repository
metasploit-framework/trans2open.rb at master · rapid7/metasploit-framework · GitHub

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database
Samba trans2open Overflow (Mac OS X PPC)

Source: SUSE
Type: SUSE-SA:2003:025
samba: remote root access

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version <= 2.2.7a)

    • Configuration CCN 1:
  • cpe:/a:samba:samba:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.3:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.0:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.1:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.3:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.7:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.7:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:2.0.5:a:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:-:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:p1:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:p2:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:p3:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:p4:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.17:p5:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p1:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p10:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p2:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p3:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p4:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p5:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p6:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p7:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:1.9.18:p8:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.5:*:*:*:server:*:*:*
  • OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_database_server:-:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_connectivity_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_office_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:8:*:*:*:server:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:8:*:*:*:workstation:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:7:*:*:*:server:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:7:*:*:*:workstation:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.0:*:*:*:workstation:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    linux linux kernel *
    samba samba *
    samba samba 2.0.7
    samba samba 2.2.2
    samba samba 2.2.3 -
    samba samba 2.2.4
    samba samba 2.2.5
    samba samba 2.2.6
    samba samba 2.0
    samba samba 2.2.10
    samba samba 2.2.12
    samba samba 2.2 a
    samba samba 2.0.0
    samba samba 2.0.1
    samba samba 2.0.2
    samba samba 2.0.3
    samba samba 2.0.4
    samba samba 2.0.5 -
    samba samba 2.0.6
    samba samba 2.0.8
    samba samba 2.0.9
    samba samba 2.0.10
    samba samba 2.2.0 a
    samba samba 2.2.0 -
    samba samba 2.2.1 a
    samba samba 2.2.3 a
    samba samba 2.2.7 a
    samba samba 2.2.7 -
    samba samba 2.2.11
    samba samba 2.2.1 -
    samba samba 2.0.5 a
    samba samba 1.9.18 -
    samba samba 1.9.17
    samba samba 1.9.17 p1
    samba samba 1.9.17 p2
    samba samba 1.9.17 p3
    samba samba 1.9.17 p4
    samba samba 1.9.17 p5
    samba samba 1.9.18 p1
    samba samba 1.9.18 p10
    samba samba 1.9.18 p2
    samba samba 1.9.18 p3
    samba samba 1.9.18 p4
    samba samba 1.9.18 p5
    samba samba 1.9.18 p6
    samba samba 1.9.18 p7
    samba samba 1.9.18 p8
    debian debian linux 2.2
    suse suse linux 7.1
    redhat linux 7.1
    turbolinux turbolinux 6.5
    suse suse linux 7.2
    redhat linux 7.2
    suse suse linux 7.3
    suse suse linux database server -
    suse suse email server iii
    suse suse linux connectivity server -
    mandrakesoft mandrake linux 8.2
    suse suse linux 8.0
    redhat linux 7.3
    debian debian linux 3.0
    openpkg openpkg current
    suse suse linux office server -
    redhat linux 8.0
    openpkg openpkg 1.1
    mandrakesoft mandrake linux 9.0
    suse suse linux 8.1
    mandrakesoft mandrake multi network firewall 8.2
    turbolinux turbolinux server 6.1
    turbolinux turbolinux 8
    turbolinux turbolinux 8
    turbolinux turbolinux 7
    turbolinux turbolinux 7
    openpkg openpkg 1.2
    turbolinux turbolinux 6.0
    mandrakesoft mandrake linux corporate server 2.1
    mandrakesoft mandrake linux 9.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat linux 9.0
    suse suse linux 8.2
    redhat linux advanced workstation 2.1
    redhat linux 7.1
    redhat linux 7.1
    mandrakesoft mandrake linux 8.2
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux corporate server 2.1