The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2024-08-08T00:01:23.636Z

Reserved: 2004-01-19T00:00:00

Link: CVE-2004-0082

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-03-03T05:00:00.000

Modified: 2024-11-20T23:47:43.593

Link: CVE-2004-0082

cve-icon Redhat

Severity : Low

Publid Date: 2004-02-13T00:00:00Z

Links: CVE-2004-0082 - Bugzilla