CVE-2003-0201 (CNNVD-200305-012)
CRITICAL
有利用代码
中文标题:
Samba服务器call_trans2open远程缓冲区溢出漏洞
英文标题:
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 an...
CVSS分数:
10.0
发布时间:
2003-04-15 04:00:00
漏洞类型:
授权问题
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v15
漏洞描述
中文描述:
Samba是一套实现SMB(Server Messages Block)协议,跨平台进行文件共享和打印共享服务的程序。Samba-TNG是一款Samba的衍生版本。 Samba程序由于对外部输入缺少正确的边界缓冲区检查,远程攻击者可以利用这个漏洞以root用户权限在系统上执行任意指令。 问题是smbd/trans2.c文件中的call_trans2open()函数调用: StrnCpy(fname,pname,namelen); /* Line 252 of smbd/trans2.c */ StrnCpy函数使用namelen拷贝pname到fname中,如果变量namelen赋值为strlen(pname)+1,就会发生缓冲区溢出。变量'fname'是_typedef_ pstring类型,是大小为1024字节的字符,如果pname超过1024字节,就可以覆盖堆栈中的敏感地址,精心构建提交数据可能以root用户权限在系统上执行任意指令。
英文描述:
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CWE类型:
(暂无数据)
标签:
remote
multiple
eSDee
OSVDB-4469
solaris_sparc
Metasploit
linux_x86
osx_ppc
bsd_x86
unix
Xpl017Elz
c0wboy
eDSee
noir
linux
Schizoprenic
H D Moore
osx
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| samba | samba | 2.0.0 | - | - |
cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
|
| samba | samba | 2.0.1 | - | - |
cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
|
| samba | samba | 2.0.2 | - | - |
cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
|
| samba | samba | 2.0.3 | - | - |
cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
|
| samba | samba | 2.0.4 | - | - |
cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
|
| samba | samba | 2.0.5 | - | - |
cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
|
| samba | samba | 2.0.6 | - | - |
cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
|
| samba | samba | 2.0.7 | - | - |
cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
|
| samba | samba | 2.0.8 | - | - |
cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
|
| samba | samba | 2.0.9 | - | - |
cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
|
| samba | samba | 2.0.10 | - | - |
cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
|
| samba | samba | 2.2.0 | - | - |
cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
|
| samba | samba | 2.2.0a | - | - |
cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
|
| samba | samba | 2.2.1a | - | - |
cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
|
| samba | samba | 2.2.3a | - | - |
cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
|
| samba | samba | 2.2.4 | - | - |
cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
|
| samba | samba | 2.2.5 | - | - |
cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
|
| samba | samba | 2.2.6 | - | - |
cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
|
| samba | samba | 2.2.7 | - | - |
cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
|
| samba | samba | 2.2.7a | - | - |
cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
|
| samba | samba | 2.2.8 | - | - |
cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
|
| samba-tng | samba-tng | 0.3 | - | - |
cpe:2.3:a:samba-tng:samba-tng:0.3:*:*:*:*:*:*:*
|
| samba-tng | samba-tng | 0.3.1 | - | - |
cpe:2.3:a:samba-tng:samba-tng:0.3.1:*:*:*:*:*:*:*
|
| apple | mac_os_x | 10.2 | - | - |
cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
|
| apple | mac_os_x | 10.2.1 | - | - |
cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
|
| apple | mac_os_x | 10.2.2 | - | - |
cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
|
| apple | mac_os_x | 10.2.3 | - | - |
cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
|
| apple | mac_os_x | 10.2.4 | - | - |
cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0b | - | - |
cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0d | - | - |
cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0d_pk9_bl17 | - | - |
cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0f | - | - |
cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0f_pk6_bl17 | - | - |
cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0f_pk7_bl18 | - | - |
cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0g | - | - |
cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
|
| compaq | tru64 | 4.0g_pk3_bl17 | - | - |
cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0 | - | - |
cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0_pk4_bl17 | - | - |
cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0_pk4_bl18 | - | - |
cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0a | - | - |
cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0a_pk3_bl17 | - | - |
cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.0f | - | - |
cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1 | - | - |
cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1_pk3_bl17 | - | - |
cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1_pk4_bl18 | - | - |
cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1_pk5_bl19 | - | - |
cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1_pk6_bl20 | - | - |
cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1a | - | - |
cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1a_pk1_bl1 | - | - |
cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1a_pk2_bl2 | - | - |
cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1a_pk3_bl3 | - | - |
cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1b | - | - |
cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*
|
| compaq | tru64 | 5.1b_pk1_bl1 | - | - |
cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*
|
| hp | hp-ux | 10.01 | - | - |
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
|
| hp | hp-ux | 10.20 | - | - |
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
|
| hp | hp-ux | 10.24 | - | - |
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
|
| hp | hp-ux | 11.00 | - | - |
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
|
| hp | hp-ux | 11.04 | - | - |
cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
|
| hp | hp-ux | 11.11 | - | - |
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
|
| hp | hp-ux | 11.20 | - | - |
cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
|
| hp | hp-ux | 11.22 | - | - |
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
|
| sun | solaris | 2.5.1 | - | - |
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
|
| sun | solaris | 2.6 | - | - |
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
|
| sun | solaris | 7.0 | - | - |
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
|
| sun | solaris | 8.0 | - | - |
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
|
| sun | solaris | 9.0 | - | - |
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
|
| sun | sunos | - | - | - |
cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
|
| sun | sunos | 5.5.1 | - | - |
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
|
| sun | sunos | 5.7 | - | - |
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
|
| sun | sunos | 5.8 | - | - |
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.05 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.06 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.07 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.07:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.08 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.08.01 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.09 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.09.01 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.09.01:*:*:*:*:*:*:*
|
| hp | cifs-9000_server | a.01.09.02 | - | - |
cpe:2.3:a:hp:cifs-9000_server:a.01.09.02:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
CLA-2003:624
vendor-advisory
cve.org
访问
cve.org
20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08
mailing-list
cve.org
访问
cve.org
20030403-01-P
vendor-advisory
cve.org
访问
cve.org
SuSE-SA:2003:025
vendor-advisory
cve.org
访问
cve.org
7294
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_MISC
cve.org
访问
cve.org
20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise
mailing-list
cve.org
访问
cve.org
DSA-280
vendor-advisory
cve.org
访问
cve.org
20030409 GLSA: samba (200304-02)
mailing-list
cve.org
访问
cve.org
VU#267873
third-party-advisory
cve.org
访问
cve.org
MDKSA-2003:044
vendor-advisory
cve.org
访问
cve.org
RHSA-2003:137
vendor-advisory
cve.org
访问
cve.org
20030407 Immunix Secured OS 7+ samba update
mailing-list
cve.org
访问
cve.org
oval:org.mitre.oval:def:567
vdb-entry
cve.org
访问
cve.org
oval:org.mitre.oval:def:2163
vdb-entry
cve.org
访问
cve.org
ExploitDB EDB-10
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-10
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2003-0201
ADVISORY
cve.org
访问
cve.org
ExploitDB EDB-16330
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16330
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-16861
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16861
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-16876
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16876
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-16880
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16880
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-22468
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-22468
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-22469
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-22469
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-22470
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-22470
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-22471
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-22471
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-55
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-55
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-7
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-7
EXPLOIT
exploitdb
访问
exploitdb
ExploitDB EDB-9924
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-9924
EXPLOIT
exploitdb
访问
exploitdb
CVSS评分详情
10.0
CRITICAL
CVSS向量:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS版本:
2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2003-04-15 04:00:00
修改时间:
2024-08-08 01:43:36
创建时间:
2025-11-11 15:32:18
更新时间:
2025-11-11 17:07:03
利用信息
此漏洞有可利用代码!
利用代码数量:
12
利用来源:
未知
未知
未知
未知
未知
未知
未知
未知
未知
未知
未知
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2003-0201 |
2025-11-11 15:17:26 | 2025-11-11 07:32:18 |
| NVD | nvd_CVE-2003-0201 |
2025-11-11 14:50:37 | 2025-11-11 07:41:05 |
| CNNVD | cnnvd_CNNVD-200305-012 |
2025-11-11 15:08:42 | 2025-11-11 07:48:51 |
| EXPLOITDB | exploitdb_EDB-10 |
2025-11-11 15:05:28 | 2025-11-11 08:00:22 |
| EXPLOITDB | exploitdb_EDB-16330 |
2025-11-11 15:05:48 | 2025-11-11 08:10:59 |
| EXPLOITDB | exploitdb_EDB-16861 |
2025-11-11 15:05:26 | 2025-11-11 08:11:15 |
| EXPLOITDB | exploitdb_EDB-16876 |
2025-11-11 15:05:29 | 2025-11-11 08:11:15 |
| EXPLOITDB | exploitdb_EDB-16880 |
2025-11-11 15:05:21 | 2025-11-11 08:11:15 |
| EXPLOITDB | exploitdb_EDB-22468 |
2025-11-11 15:05:48 | 2025-11-11 08:17:27 |
| EXPLOITDB | exploitdb_EDB-22469 |
2025-11-11 15:05:48 | 2025-11-11 08:17:27 |
| EXPLOITDB | exploitdb_EDB-22470 |
2025-11-11 15:05:48 | 2025-11-11 08:17:27 |
| EXPLOITDB | exploitdb_EDB-22471 |
2025-11-11 15:05:48 | 2025-11-11 08:17:27 |
| EXPLOITDB | exploitdb_EDB-55 |
2025-11-11 15:05:26 | 2025-11-11 09:02:51 |
| EXPLOITDB | exploitdb_EDB-7 |
2025-11-11 15:05:26 | 2025-11-11 09:03:30 |
| EXPLOITDB | exploitdb_EDB-9924 |
2025-11-11 15:05:29 | 2025-11-11 09:07:03 |
版本与语言
当前版本:
v15
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
安全公告
暂无安全公告信息
变更历史
v15
EXPLOITDB
2025-11-11 17:07:03
references_count: 38 → 40; tags_count: 17 → 18
查看详细变更
- references_count: 38 -> 40
- tags_count: 17 -> 18
v14
EXPLOITDB
2025-11-11 17:03:30
references_count: 36 → 38; tags_count: 16 → 17
查看详细变更
- references_count: 36 -> 38
- tags_count: 16 -> 17
v13
EXPLOITDB
2025-11-11 17:02:51
references_count: 34 → 36; tags_count: 14 → 16
查看详细变更
- references_count: 34 -> 36
- tags_count: 14 -> 16
v12
EXPLOITDB
2025-11-11 16:17:27
references_count: 32 → 34; tags_count: 13 → 14
查看详细变更
- references_count: 32 -> 34
- tags_count: 13 -> 14
v11
EXPLOITDB
2025-11-11 16:17:27
references_count: 30 → 32; tags_count: 12 → 13
查看详细变更
- references_count: 30 -> 32
- tags_count: 12 -> 13
v10
EXPLOITDB
2025-11-11 16:17:27
references_count: 28 → 30; tags_count: 11 → 12
查看详细变更
- references_count: 28 -> 30
- tags_count: 11 -> 12
v9
EXPLOITDB
2025-11-11 16:17:27
references_count: 26 → 28; tags_count: 9 → 11
查看详细变更
- references_count: 26 -> 28
- tags_count: 9 -> 11
v8
EXPLOITDB
2025-11-11 16:11:15
references_count: 24 → 26; tags_count: 8 → 9
查看详细变更
- references_count: 24 -> 26
- tags_count: 8 -> 9
v7
EXPLOITDB
2025-11-11 16:11:15
references_count: 22 → 24; tags_count: 7 → 8
查看详细变更
- references_count: 22 -> 24
- tags_count: 7 -> 8
v6
EXPLOITDB
2025-11-11 16:11:15
references_count: 20 → 22; tags_count: 6 → 7
查看详细变更
- references_count: 20 -> 22
- tags_count: 6 -> 7
v5
EXPLOITDB
2025-11-11 16:10:59
references_count: 18 → 20; tags_count: 4 → 6
查看详细变更
- references_count: 18 -> 20
- tags_count: 4 -> 6
v4
EXPLOITDB
2025-11-11 16:00:22
references_count: 15 → 18; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 15 -> 18
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:48:51
vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-200305-012; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-200305-012
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:05
severity: SeverityLevel.MEDIUM → SeverityLevel.CRITICAL; cvss_score: 未提取 → 10.0; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 78; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.CRITICAL
- cvss_score: 未提取 -> 10.0
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:C/I:C/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 78
- data_sources: ['cve'] -> ['cve', 'nvd']