published date: May 5, 2003

CVE-2003-0201 : Buffer Overflow Vulnerability

Description

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Product(s):

HP CIFS_9000 Server A.01.05
HP CIFS_9000 Server A.01.06
HP CIFS_9000 Server A.01.07
HP CIFS_9000 Server A.01.08.01
HP CIFS_9000 Server A.01.08
HP CIFS_9000 Server A.01.09.01
HP CIFS_9000 Server A.01.09.02
HP CIFS_9000 Server A.01.09
Samba-TNG Samba-TNG 0.3.1
Samba-TNG Samba-TNG 0.3
Samba 2.0.0
Samba 2.0.10
Samba 2.0.1
Samba 2.0.2
Samba 2.0.3
Samba 2.0.4
Samba 2.0.5
Samba 2.0.5a
Samba 2.0.6
Samba 2.0.7
Samba 2.0.8
Samba 2.0.9
Samba 2.2.0
Samba 2.2.0a
Samba Samba 2.2.0a
Samba Samba 2.2.1a
Samba Samba 2.2.3a
Samba 2.2.4
Samba 2.2.5
Samba 2.2.6
Samba 2.2.7
Samba 2.2.7a
Samba Samba 2.2.7a
Samba 2.2.8
Samba 2.2.8a
Apple Mac OS X 10.2.1
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2.3
Apple Mac OS X 10.2.4
Apple Mac OS X 10.2
Compaq Tru64 4.0b
Compaq Tru64 4.0d
Compaq Tru64 4.0d PK9_BL17
Compaq Tru64 4.0f
Compaq Tru64 4.0f PK6_BL17
Compaq Tru64 4.0f PK7_BL18
Compaq Tru64 4.0g
Compaq Tru64 4.0g PK3_BL17
Compaq Tru64 5.0
Compaq Tru64 5.0 PK4_BL17
Compaq Tru64 5.0 PK4_BL18
Compaq Tru64 5.0a
Compaq Tru64 5.0a PK3_BL17
Compaq Tru64 5.0f
Compaq Tru64 5.1
Compaq Tru64 5.1 PK3_BL17
Compaq Tru64 5.1 PK4_BL18
Compaq Tru64 5.1 PK5_BL19
Compaq Tru64 5.1 PK6_BL20
Compaq Tru64 5.1a
Compaq Tru64 5.1a PK1_BL1
Compaq Tru64 5.1a PK2_BL2
Compaq Tru64 5.1a PK3_BL3
Compaq Tru64 5.1b
Compaq Tru64 5.1b PK1_BL1
HP HP-UX 10.01
HP HP-UX 10.20
HP HP-UX 10.24
HP-UX 11.00
HP HP-UX 11.04
HP-UX 11.11
HP-UX 11i v1.5
HP-UX 11i v1.6
Sun Solaris 2.5.1 on PPC
Sun Solaris 2.5.1 on x86
Sun Solaris 2.6
Sun Solaris 2.6 HW3
Sun Solaris 2.6 x86HW3
Sun Solaris 2.6 HW5
Sun Solaris 2.6 x86HW5
Sun Solaris 7.0 on x86
Sun Solaris 8.0 on X86
Sun Solaris 9.0 on SPARC
Sun Solaris 9.0 on x86
Sun Solaris 9.0 x86 Update 2
Sun SunOS (formerly Solaris)
Sun Microsystems Solaris 2.5.1
Sun Microsystems Solaris 7
Sun SunOS (Solaris 8) 5.8

CVSS:10 [Critical]
EPSS:76.92%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2003-0201, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2003-0201 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2003-0201

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales