CVE-2004-0186

Samba 2.x-3.x - Privilege Escalation

Title source: llm

Description

smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Martin Fiala · textlocallinux

https://www.exploit-db.com/exploits/23674

View Code ZIP pw:eip

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=107636290906296&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=107657505718743&w=2

[Patch, Vendor Advisory] http://www.debian.org/security/2004/dsa-463

[Third Party Advisory, VDB Entry] http://www.osvdb.org/3916

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/9619

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15131

Scores

EPSS 0.0053

EPSS Percentile 66.6%

Classification

Status draft

Affected Products (17)

samba/samba

linux/linux_kernel

... and 2 more

Timeline

Published Mar 15, 2004

Tracked Since Feb 18, 2026