CVE-2004-0186

smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=107636290906296&w=2
http://marc.info/?l=bugtraq&m=107657505718743&w=2
http://www.debian.org/security/2004/dsa-463	Patch Vendor Advisory
http://www.osvdb.org/3916
http://www.securityfocus.com/bid/9619	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15131
http://marc.info/?l=bugtraq&m=107636290906296&w=2
http://marc.info/?l=bugtraq&m=107657505718743&w=2
http://www.debian.org/security/2004/dsa-463	Patch Vendor Advisory
http://www.osvdb.org/3916
http://www.securityfocus.com/bid/9619	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15131

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:samba:samba:2.0:::::::*
	cpe:2.3:a:samba:samba:3.0.0:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.0:test1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test10::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test11::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test5::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test6::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test7::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test8::::::
	cpe:2.3:o:linux:linux_kernel:2.6.0:test9::::::
	cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:::::::*

History

20 Nov 2024, 23:47

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=107636290906296&w=2 -~~	() http://marc.info/?l=bugtraq&m=107636290906296&w=2 -
References	~~() http://marc.info/?l=bugtraq&m=107657505718743&w=2 -~~	() http://marc.info/?l=bugtraq&m=107657505718743&w=2 -
References	~~() http://www.debian.org/security/2004/dsa-463 - Patch, Vendor Advisory~~	() http://www.debian.org/security/2004/dsa-463 - Patch, Vendor Advisory
References	~~() http://www.osvdb.org/3916 -~~	() http://www.osvdb.org/3916 -
References	~~() http://www.securityfocus.com/bid/9619 - Exploit, Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/9619 - Exploit, Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/15131 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/15131 -

Information

Published : 2004-03-15 05:00

Updated : 2024-11-20 23:47

NVD link : CVE-2004-0186

Mitre link : CVE-2004-0186

CVE.ORG link : CVE-2004-0186

JSON object : View

Products Affected

samba

samba

linux

linux_kernel

CWE

NVD-CWE-Other

7.2 /10