Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0829

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0829
Last Modified 05 Sep 2008 04:39:32
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0829

Summary

smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.

Vulnerable Systems

Application

  • Samba 1.9.17

  • Samba 1.9.18

  • Samba 2.0.0

  • Samba 2.0.1

  • Samba 2.0.2

  • Samba 2.0.3

  • Samba 2.0.4

  • Samba 2.0.5

  • Samba 2.0.5a

  • Samba 2.0.6

  • Samba 2.0.7

  • Samba 2.2.0

  • Samba 2.2.1

  • Samba 2.2.10

  • Samba 2.2.2

  • Samba 2.2.3

  • Samba 2.2.3a

  • Samba 2.2.4

  • Samba 2.2.5

  • Samba 2.2.6

  • Samba 2.2.7

  • Samba 2.2.7a

  • Samba 2.2.8

  • Samba 2.2.8a

  • Samba 2.2.9


References

XF - samba-findnextprintchangenotify-dos(17138)

BUGTRAQ - 20040831 Samba FindNextPrintChangeNotify() Error Lets Remote Authenticated Users Crash smbd

CONFIRM - http://samba.org/samba/history/samba-2.2.11.html

TRUSTIX - 2004-0043

GENTOO - GLSA-200409-14


Last Updated: 27 May 2016 10:38:46