SMB: Linux Kernel SMBFS trans2 Overflow
This signature detects attempts to exploit a known vulnerability in the Server Message Block File System (SMBFS) implemented in the Linux kernel. Kernels 2.4 and 2.6 are vulnerable. Successful attackers can gain root access on the target host.
Extended Description
The Linux kernel is reported prone to multiple remote vulnerabilities in the SMBFS network filesystem. These vulnerabilities may lead to the execution of attacker-supplied machine code, information disclosure of kernel memory, or crashes of the kernel, denying service to legitimate users. Versions of the kernel in both the 2.4 and the 2.6 series are reported prone to various issues.
Affected Products
Linux kernel
References
BugTraq: 11695
CVE: CVE-2004-0949
URL: http://xforce.iss.net/xforce/xfdb/18137 http://www.kb.cert.org/vuls/id/726198
Short Name
SMB:EXPLOIT:LINUX-TRANS2-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
CVE-2004-0949 Kernel Linux Overflow SMBFS bid:11695 trans2
Release Date
11/24/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Suse
Trustix
Ubuntu
Avaya
Linux
Mandriva
Debian
CVSS Score
6.4