CVE-2004-0600

Samba <3.0.4 - RCE

Title source: llm

Description

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlremotelinux

https://www.exploit-db.com/exploits/364

View Code ZIP pw:eip

References (14)

[Vendor Advisory] http://www.trustix.org/errata/2004/0039/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16785

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851

[Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2004-259.html

[Mailing List] http://marc.info/?l=bugtraq&m=109052891507263&w=2

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854

[Mailing List] http://marc.info/?l=bugtraq&m=109051533021376&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11445

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2004_22_samba.html

[Mailing List] http://marc.info/?l=bugtraq&m=109051340810458&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=109053195818351&w=2

[Various Sources] http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:071

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200407-21.xml

[Mailing List] http://marc.info/?l=bugtraq&m=109052647928375&w=2

Scores

EPSS 0.5961

EPSS Percentile 98.3%

Details

Status published

Products (7)

samba/samba 3.0.2

samba/samba 3.0.2a

samba/samba 3.0.3

samba/samba 3.0.4

trustix/secure_linux 1.5

trustix/secure_linux 2.0

trustix/secure_linux 2.1

Published Jul 27, 2004

Tracked Since Feb 18, 2026