Multiple Denial of Service and Information Disclosure Vulnerabilities in Samba Filesystem (smbfs) in Linux Kernel 2.4 and 2.6

Multiple Denial of Service and Information Disclosure Vulnerabilities in Samba Filesystem (smbfs) in Linux Kernel 2.4 and 2.6

CVE-2004-0883 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.