Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

BID:9637

Info

Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

Bugtraq ID: 9637
Class: Design Error
CVE: CVE-2004-0082
Remote: Yes
Local: No
Published: Feb 10 2004 12:00AM
Updated: Aug 05 2010 07:45PM
Credit: This vulnerability was announced by the vendor.
Vulnerable: Samba Samba 3.0.1
Samba Samba 3.0 alpha
Samba Samba 3.0
+ Apple Mac OS X 10.3.2
+ Apple Mac OS X 10.3.2
+ Apple Mac OS X 10.3.1
+ Apple Mac OS X 10.3.1
+ Apple Mac OS X 10.3
+ Apple Mac OS X 10.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.3
Samba Samba 3.0.0
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux AS 3
Not Vulnerable: Samba Samba 3.0.2

Discussion

Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

The mksmbpasswd.sh shell script that is shipped with Samba is reported prone to a vulnerability. The issue results in the creation of insecure user accounts.

A remote attacker may exploit this issue by accessing a Samba share using an insecure account that was created using the affected script.

Exploit / POC

Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

There is no exploit required.

Solution / Fix

Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

Solution:
Red Hat has released an advisory (RHSA-2004:064-10) and fixes to address this issue in Red Hat enterprise products. Customers who are subscribed to the Red Hat Network may employ the up2date utility to retrieve appropriate fixes, further information can be found in the referenced advisory. Red Hat have stated that after the update is applied, "/sbin/service winbind condrestart" must be run as root to restart the winbind daemon.

Fedora has released advisory FEDORA-2004-074 dealing with this issue.

The vendor has released an upgrade to address this issue:


Samba Samba 3.0

Samba Samba 3.0 alpha

Samba Samba 3.0.1

References

Samba Mksmbpasswd.sh Insecure User Account Creation Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report