VDB
CVE-2003-0201
CVE-2003-0201
PUBLISHED
CVSS 10 CRITICAL
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
EPSS 88.43% · 99.5th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
88.43%
99.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sun | solaris | 2.5.1, 2.5.1, 2.5.1 |
| samba | samba | 2.0.2, 2.0.7, 2.0.9 |
| samba-tng | samba-tng | 0.3, 0.3.1, 0.3 |
| compaq | tru64 | 4.0d, 4.0d, 4.0f |
| hp | hp-ux | 11.20, 10.01, 10.01 |
| apple | mac_os_x | 10.2.4, 10.2, 10.2.1 |
| n/a | n/a | *, n/a |
| sun | sunos | 5.5.1, 5.7, 5.8 |
| hp | cifs-9000_server | *, a.01.05, a.01.07 |
Timeline
- Jan 19, 1970 VulnCheck XDB Entry
- Apr 15, 2003 CVE Published
- Jun 17, 2010 PoC Published
- Jun 21, 2010 PoC Published
- Jul 14, 2010 PoC Published
- Sep 23, 2010 PoC Published
- Jun 20, 2017 VulnCheck KEV Exploitation
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
References
- CLA-2003:624 vendor-advisory
- 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 mailing-list
- 20030403-01-P vendor-advisory
- SuSE-SA:2003:025 vendor-advisory
- 7294 vdb
- http://www.digitaldefense.net/labs/advisories/DDI-1013.txt url
- 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise mailing-list
- DSA-280 vendor-advisory
- 20030409 GLSA: samba (200304-02) mailing-list
- VU#267873 third-party-advisory
- MDKSA-2003:044 vendor-advisory
- RHSA-2003:137 vendor-advisory
- 20030407 Immunix Secured OS 7+ samba update mailing-list
- oval:org.mitre.oval:def:567 vdb
- oval:org.mitre.oval:def:2163 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2003-0201 advisory