Search for vulnerabilities
Vulnerability details: VCID-8w8p-qmny-aaaa
Vulnerability ID VCID-8w8p-qmny-aaaa
Aliases CVE-2004-0882
Summary Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2004:632
epss 0.22515 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33008 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33008 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33008 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.33808 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95401 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95401 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95401 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95488 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95488 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95488 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
epss 0.95907 https://api.first.org/data/v1/epss?cve=CVE-2004-0882
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1617311
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2004-0882
Reference id Reference type URL
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
http://marc.info/?l=bugtraq&m=110054671403755&w=2
http://marc.info/?l=bugtraq&m=110055646329581&w=2
http://marc.info/?l=bugtraq&m=110330519803655&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0882.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0882
http://secunia.com/advisories/13189
http://security.e-matters.de/advisories/132004.html
http://securitytracker.com/id?1012235
https://exchange.xforce.ibmcloud.com/vulnerabilities/18070
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969
http://www.ciac.org/ciac/bulletins/p-038.shtml
http://www.kb.cert.org/vuls/id/457622
http://www.novell.com/linux/security/advisories/2004_40_samba.html
http://www.osvdb.org/11782
http://www.trustix.net/errata/2004/0058/
1617311 https://bugzilla.redhat.com/show_bug.cgi?id=1617311
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*
CVE-2004-0882 https://nvd.nist.gov/vuln/detail/CVE-2004-0882
RHSA-2004:632 https://access.redhat.com/errata/RHSA-2004:632
USN-29-1 https://usn.ubuntu.com/29-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0882
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.93278
EPSS Score 0.22515
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.