Overview
The pam_smb module contains a remotely exploitable buffer overflow vulnerability. This module is used to authenticate users using an external Server Message Block (SMB) server. A remote attacker may be able to exploit this vulnerability to run arbitrary commands on the system.
Description
The pam_smb module versions 1.1.6 and prior contain a remotely exploitable buffer overflow vulnerability in the processing of the password buffer. This module is used when a system is configured to authenticate users using an external Server Message Block (SMB) server.
Impact
An unauthenticated remote attacker may be able to exploit this vulnerability to run arbitrary commands on the system.
Solution
This problem is reportedly resolved in version 1.1.7 of the pam_smb module. Upgrade, or apply the patches provided by your vendor.
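An added example, not part of the original advisory or the pam_smb project: a Python check that lists which PAM services actively load the module and compares an installed version against the fixed release 1.1.7. The module file name pam_smb_auth.so, the sample PAM files and all function names are assumptions made for this illustration.

```python
import re

FIXED = (1, 1, 7)  # release the advisory reports as fixed

def parse_version(text):
    """'1.1.6' or '1.1.6-9' -> (1, 1, 6); only the upstream part is compared."""
    return tuple(int(n) for n in re.findall(r"\d+", text)[:3])

def is_vulnerable(version):
    """Advisory: 1.1.6 and prior are affected. A vendor-patched package may
    keep an older upstream number, so confirm against the vendor's notice."""
    return parse_version(version) < FIXED

def pam_smb_lines(service, config_text):
    """Return (service, type, control, module) for active lines loading pam_smb."""
    hits = []
    # Join backslash-continued lines, then strip comments and blanks.
    for raw in config_text.replace("\\\n", " ").splitlines():
        line = raw.split("#", 1)[0].strip()
        # /etc/pam.d format: type, control (word or [bracketed]), module path
        m = re.match(r"(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)", line)
        # Assumed module file name: pam_smb_auth.so (pam_smbpass is unrelated).
        if m and m.group(3).rsplit("/", 1)[-1].startswith("pam_smb_auth"):
            hits.append((service,) + m.groups())
    return hits

def exposure(configs, installed_version):
    """configs maps service name -> contents of its /etc/pam.d file."""
    hits = [h for svc in sorted(configs) for h in pam_smb_lines(svc, configs[svc])]
    return {
        "vulnerable_version": is_vulnerable(installed_version),
        "services": sorted({h[0] for h in hits}),
        "lines": hits,
    }

# Constructed sample input, not taken from a real system.
SAMPLE = {
    "sshd": "#%PAM-1.0\nauth required /lib/security/pam_smb_auth.so debug\n"
            "account required pam_unix.so\n",
    "login": "# auth sufficient pam_smb_auth.so\n"
             "auth [success=1 default=ignore] pam_unix.so\n",
    "ftp": "auth sufficient \\\n  pam_smb_auth.so use_first_pass\n",
}

if __name__ == "__main__":
    print(exposure(SAMPLE, "1.1.6"))
```

Services that appear in the result and are reachable over the network are the ones to upgrade or take out of the PAM stack first, since the advisory describes the flaw as exploitable by an unauthenticated remote attacker.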
Acknowledgements
The Red Hat Security Team has recognized Dave Airlie of the Samba team for reporting this vulnerability.
This document was written by Jason A Rafail.
Other Information
CVE IDs: CVE-2003-0686
Severity Metric: 8.44
Date Public: 2003-08-26
Date First Published: 2003-08-29
Date Last Updated: 2003-08-29 18:10 UTC
Document Revision: 9