← volver
CVE-2004-0082

CVE-2004-0082

EPSS 3.5%
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/15132https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A827http://us1.samba.org/samba/ftp/WHATSNEW-3.0.2a.txthttp://www.ciac.org/ciac/bulletins/o-078.shtmlhttp://www.osvdb.org/3919http://www.redhat.com/support/errata/RHSA-2004-064.htmlhttp://www.securityfocus.com/bid/9637http://www.vuxml.org/freebsd/3388eff9-5d6e-11d8-80e3-0020ed76ef5a.html