Unrated severityNVD Advisory· Published Oct 20, 2003· Updated Apr 16, 2026

CVE-2003-0686

Description

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.

Affected products

Dave Airlie/Pam Smb8 versions
cpe:2.3:a:dave_airlie:pam_smb:1.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:dave_airlie:pam_smb:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:dave_airlie:pam_smb:2.0_rc4:*:*:*:*:*:*:*
Red Hat/Pam Smb4 versions
cpe:2.3:a:redhat:pam_smb:1.1.6-2:*:i386:*:*:*:*:*+ 3 more
- cpe:2.3:a:redhat:pam_smb:1.1.6-2:*:i386:*:*:*:*:*
- cpe:2.3:a:redhat:pam_smb:1.1.6-2:*:ia64:*:*:*:*:*
- cpe:2.3:a:redhat:pam_smb:1.1.6-5:*:i386:*:*:*:*:*
- cpe:2.3:a:redhat:pam_smb:1.1.6-7:*:i386:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2003/dsa-374nvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2003-262.htmlnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/680260nvdUS Government Resource
distro.conectiva.com.br/atualizacoes/nvd
marc.infonvd
secunia.com/advisories/9611nvd
us2.samba.org/samba/ftp/pam_smb/nvd
www.redhat.com/support/errata/RHSA-2003-261.htmlnvd
www.turbolinux.com/security/TLSA-2003-50.txtnvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A469nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.039
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000