CVE-2000-0843 - Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attacke

CVE-2000-0843

Summary

Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name.

References

Vulnerable Configurations

cpe:2.3:a:dave_airlie:pam_smb:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:dave_airlie:pam_smb:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:luke_kenneth_casson_leighton:pam_ntdom:0.23:*:*:*:*:*:*:*
cpe:2.3:a:luke_kenneth_casson_leighton:pam_ntdom:0.23:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 05-09-2008 - 20:22)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	1666
bugtraq	20000910 (SRADV00002) Remote root compromise through pam_smb and pam_ntdom 20000911 Conectiva Linux Security Announcement - pam_smb
debian	20000911 libpam-smb: remote root exploit
mandrake	MDKSA-2000:047
suse	20000913 pam_smb remotely exploitable buffer overflow

Last major update

05-09-2008 - 20:22

Published

14-11-2000 - 05:00

Last modified

05-09-2008 - 20:22