Vulnerability Report

CVE-2004-0883

Title: Linux kernel smbfs multiple vulnerabilities DoS/information disclosure

DoS, Information Disclosure

Proof Of Concept

No public PoC currently indexed for CVE-2004-0883.

CWE Category NVD-CWE-noinfo
Published Date Jan 10, 2005
Modified Date Apr 03, 2025
Exploit Status Not Found
Score 6.4 CVSS v2.0
Exploit Probability (EPSS)
15.37%

Vulnerability Summary

CVE-2004-0883: Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

Impacted Vendors

R
redhat 4
U
ubuntu 2
N
novell 1
F
fedoraproject 1
L
linux 1
S
suse 1
T
trustix 1
E
engardelinux 1

Reference Links

http://marc.info/?l=bugtraq&m=110072140811965&w=2 http://marc.info/?l=bugtraq&m=110082989725345&w=2 http://secunia.com/advisories/13232/ http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://security.e-matters.de/advisories/142004.html http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security/2006/dsa-1082 http://www.kb.cert.org/vuls/id/726198 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.redhat.com/support/errata/RHSA-2004-504.html http://www.redhat.com/support/errata/RHSA-2004-505.html http://www.redhat.com/support/errata/RHSA-2004-537.html http://www.securityfocus.com/bid/11695 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce.ibmcloud.com/vulnerabilities/18134 https://exchange.xforce.ibmcloud.com/vulnerabilities/18135 https://exchange.xforce.ibmcloud.com/vulnerabilities/18136 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330 http://marc.info/?l=bugtraq&m=110072140811965&w=2 http://marc.info/?l=bugtraq&m=110082989725345&w=2 http://secunia.com/advisories/13232/ http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://security.e-matters.de/advisories/142004.html http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security/2006/dsa-1082 http://www.kb.cert.org/vuls/id/726198 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.redhat.com/support/errata/RHSA-2004-504.html http://www.redhat.com/support/errata/RHSA-2004-505.html http://www.redhat.com/support/errata/RHSA-2004-537.html http://www.securityfocus.com/bid/11695 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce.ibmcloud.com/vulnerabilities/18134 https://exchange.xforce.ibmcloud.com/vulnerabilities/18135 https://exchange.xforce.ibmcloud.com/vulnerabilities/18136 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330
CVSS v2.0
Source Entity [email protected]
Severity MEDIUM
6.4
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:P/I:N/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2004-0883 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:P/I:N/A:P

Affected Stack

No specific products linked.