Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0930

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0930
Last Modified 20 Aug 2013 12:32:32
Published 27 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0930

Summary

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

Vulnerable Systems

Operating System

  • Conectiva Linux 10.0

  • Gentoo Linux

  • Redhat Enterprise Linux 2.1

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux Desktop 3.0

  • Redhat Fedora Core Core 2.0

  • Redhat Fedora Core Core 3.0

  • Redhat Linux Advanced Workstation 2.1

Application

  • Samba 3.0.0

  • Samba 3.0.3

  • Samba 3.0.4

  • Samba 3.0.5

  • Samba 3.0.6

  • Samba 3.0.7

  • Sgi Samba 3.0

  • Sgi Samba 3.0.1

  • Sgi Samba 3.0.2

  • Sgi Samba 3.0.3

  • Sgi Samba 3.0.4

  • Sgi Samba 3.0.5

  • Sgi Samba 3.0.6

  • Sgi Samba 3.0.7


References

BID - 11624

IDEFENSE - 20041108 Samba SMBD Remote Denial of Service Vulnerability

XF - samba-msfnmatch-dos(17987)

SUSE - SUSE-SA:2004:040

GENTOO - GLSA 200411-21

APPLE - APPLE-SA-2005-03-21

SGI - 20041201-01-P

SCO - SCOSA-2005.17

MANDRAKE - MDKSA-2004:131

SUNALERT - 101783

OPENPKG - OpenPKG-SA-2004.054

UBUNTU - USN-22-1

BUGTRAQ - 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability

CONECTIVA - CLA-2004:899


Last Updated: 27 May 2016 10:38:49