Search for vulnerabilities
Vulnerability details: VCID-a8sh-cqyp-aaaf
Vulnerability ID VCID-a8sh-cqyp-aaaf
Aliases CVE-2003-0085
Summary Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.84067 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.86073 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96331 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96609 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
epss 0.96609 https://api.first.org/data/v1/epss?cve=CVE-2003-0085
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1616963
cvssv2 10 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2003-0085
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
http://marc.info/?l=bugtraq&m=104792646416629&w=2
http://marc.info/?l=bugtraq&m=104792723017768&w=2
http://marc.info/?l=bugtraq&m=104801012929374&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0085.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0085
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0085
http://secunia.com/advisories/8299
http://secunia.com/advisories/8303
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552
http://www.debian.org/security/2003/dsa-262
http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
http://www.kb.cert.org/vuls/id/298233
http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
http://www.novell.com/linux/security/advisories/2003_016_samba.html
http://www.redhat.com/support/errata/RHSA-2003-095.html
http://www.redhat.com/support/errata/RHSA-2003-096.html
http://www.securityfocus.com/archive/1/316165/30/25370/threaded
http://www.securityfocus.com/archive/1/317145/30/25220/threaded
http://www.securityfocus.com/bid/7106
1616963 https://bugzilla.redhat.com/show_bug.cgi?id=1616963
cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.07:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.07:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:*
cpe:2.3:a:hp:cifs-9000_server:a.01.09.01:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:cifs-9000_server:a.01.09.01:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
CVE-2003-0085 https://nvd.nist.gov/vuln/detail/CVE-2003-0085
CVE-2003-0085;OSVDB-6323 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16321.rb
CVE-2003-0085;OSVDB-6323 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/9936.rb
CVE-2003-0085;OSVDB-6323 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22356.c
CVE-2003-0085;OSVDB-6323 Exploit https://www.securityfocus.com/bid/7106/info
RHSA-2003:095 https://access.redhat.com/errata/RHSA-2003:095
RHSA-2003:096 https://access.redhat.com/errata/RHSA-2003:096
RHSA-2003:226 https://access.redhat.com/errata/RHSA-2003:226
Data source Exploit-DB
Date added March 15, 2003
Description Samba 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow
Ransomware campaign use Known
Source publication date March 15, 2003
Exploit type remote
Platform unix
Source update date Sept. 6, 2017
Source URL https://www.securityfocus.com/bid/7106/info
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0085
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.9913
EPSS Score 0.84067
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.