National Cyber-Alert System
Vulnerability Summary: CVE-2003-0201
Orirignal release date: 2003-05-05
Source: US-CERT/NIST

Overview

    Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Impact

    CVSS Severity: 10 (High)
    Range: remote
    Authentication: input buffer="1"
    Impact Type: sec_prot admin="1"

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    Samba-TNG (Samba-TNG)
    Tru64 (Compaq)
    Mac OS X (Apple)
    Samba (Samba)
    Solaris (Sun)
    HP-UX (HP)
    CIFS/9000 Server (HP)

Technical Details

CVE Standard Vulnerability Entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201