VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Apr 16, 2026

CVE-2004-1154

CVE-2004-1154

Description

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Affected products

53
  • Samba (software)/Samba40 versions
    cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*+ 39 more
    • cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
  • Red Hat/Fedora Core2 versions
    cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
  • SUSE S.A./Linux8 versions
    cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*+ 7 more
    • cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • Trustix/Secure Linux3 versions
    cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.