{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-02-09T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-08-20T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040211 Re: Samba 3.x + kernel 2.6.x local root vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=107657505718743&w=2"}, {"name": "3916", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/3916"}, {"name": "samba-smbmnt-gain-privileges(15131)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15131"}, {"name": "20040209 Samba 3.x + kernel 2.6.x local root vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=107636290906296&w=2"}, {"name": "DSA-463", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-463"}, {"name": "9619", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/9619"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0186", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040211 Re: Samba 3.x + kernel 2.6.x local root vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=107657505718743&w=2"}, {"name": "3916", "refsource": "OSVDB", "url": "http://www.osvdb.org/3916"}, {"name": "samba-smbmnt-gain-privileges(15131)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15131"}, {"name": "20040209 Samba 3.x + kernel 2.6.x local root vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=107636290906296&w=2"}, {"name": "DSA-463", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-463"}, {"name": "9619", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9619"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:10:03.679Z"}, "title": "CVE Program Container", "references": [{"name": "20040211 Re: Samba 3.x + kernel 2.6.x local root vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=107657505718743&w=2"}, {"name": "3916", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/3916"}, {"name": "samba-smbmnt-gain-privileges(15131)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15131"}, {"name": "20040209 Samba 3.x + kernel 2.6.x local root vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=107636290906296&w=2"}, {"name": "DSA-463", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2004/dsa-463"}, {"name": "9619", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/9619"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0186", "datePublished": "2004-09-01T04:00:00.000Z", "dateReserved": "2004-03-02T00:00:00.000Z", "dateUpdated": "2024-08-08T00:10:03.679Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "245628A9-A5DC-403F-A781-7A066E9ECC78", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted."}, {"lang": "es", "value": "smbmnt en Samba 2.0 y 3.0 para Linux 2.6, cuando se instala con setuid, permite a usuarios locales ganar privilegios de root montando un recurso compartido de Samba que contiene un programa con setuid de root, cuyos atributos no se limpian cuando el recurso compartido es eliminado."}], "id": "CVE-2004-0186", "lastModified": "2026-04-16T00:27:16.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-03-15T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=107636290906296&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=107657505718743&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-463"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/3916"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/9619"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15131"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=107636290906296&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=107657505718743&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-463"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/3916"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/9619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15131"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}