// For flags

CVE-2004-0186

Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

smbmnt en Samba 2.0 y 3.0 para Linux 2.6, cuando se instala con setuid, permite a usuarios locales ganar privilegios de root montando un recurso compartido de Samba que contiene un programa con setuid de root, cuyos atributos no se limpian cuando el recurso compartido es eliminado.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2004-02-09 First Exploit
  • 2004-03-02 CVE Reserved
  • 2004-03-15 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
2.0
Search vendor "Samba" for product "Samba" and version "2.0"
-
Affected
Samba
Search vendor "Samba"
Samba
Search vendor "Samba" for product "Samba"
3.0.0
Search vendor "Samba" for product "Samba" and version "3.0.0"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test1
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test10
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test11
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test2
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test3
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test4
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test5
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test6
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test7
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test8
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.0
Search vendor "Linux" for product "Linux Kernel" and version "2.6.0"
test9
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.1
Search vendor "Linux" for product "Linux Kernel" and version "2.6.1"
rc1
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.1
Search vendor "Linux" for product "Linux Kernel" and version "2.6.1"
rc2
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6_test9_cvs
Search vendor "Linux" for product "Linux Kernel" and version "2.6_test9_cvs"
-
Affected