{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0949", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20163" }, { "name": "11695", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11695" }, { "name": "DSA-1082", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "MDKSA-2005:022", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110072140811965&w=2" }, { "name": "FLSA:2336", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "name": "oval:org.mitre.oval:def:10360", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360" }, { "name": "USN-30-1", "refsource": "UBUNTU", "url": "https://www.ubuntu.com/usn/usn-30-1/" }, { "name": "http://security.e-matters.de/advisories/142004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/142004.html" }, { "name": "DSA-1070", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2004:537", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-537.html" }, { "name": "20162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20162" }, { "name": "linux-smbrecvtrans2-memory-leak(18137)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137" }, { "name": "DSA-1067", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "2004-0061", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0061/" }, { "name": "RHSA-2004:505", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-505.html" }, { "name": "20202", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20202" }, { "name": "RHSA-2004:504", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html" }, { "name": "13232", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13232/" }, { "name": "20338", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20338" } ] } }