Bug 40140 (CVE-2003-0085) - VUL-0: CVE-2003-0085: samba: remote root exploit
Summary: VUL-0: CVE-2003-0085: samba: remote root exploit
Status: RESOLVED FIXED
Alias: CVE-2003-0085
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: All Linux
: P1 - Urgent : Blocker
Target Milestone: ---
Assignee: Lars Müller
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-03-12 17:55 UTC by Lars Müller
Modified: 2017-04-20 14:50 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Müller 2003-03-12 17:55:53 UTC 
A remote root exploit weas found by the SuSE Security Team. Fixes for 2.2.7a are
available.
Comment 1 Lars Müller 2003-03-12 17:55:53 UTC 
<!-- SBZ_reproduce  -->
No exploit is currently available.
Comment 2 Chris Schlaeger 2003-03-13 00:04:50 UTC 
Will we get the fix for the beta5 deadline tonight?
Comment 3 Lars Müller 2003-03-13 00:05:26 UTC 
Yes.
Comment 4 Lars Müller 2003-03-13 00:17:27 UTC 
Fixed for STABLE. Move bug to UL1.
Comment 5 Lars Müller 2003-03-13 22:47:17 UTC 
Move back to SL as additional patches have to be added.
Comment 6 Lars Müller 2003-03-14 01:08:04 UTC 
Fixed for STABLE. Move bug to UL1.
Comment 7 Lars Müller 2003-03-18 08:04:45 UTC 
Fixed for all versions.
Comment 8 Marcus Meissner 2017-04-20 14:50:38 UTC 
I think this bug covers both

CVE-2003-0085 

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary
code.

and CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.