Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3403

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3403
Last Modified 02 Aug 2013 01:11:00
Published 12 Jul 2006 03:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3403

Summary

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

Vulnerable Systems

Application

  • Samba 3.0.1

  • Samba 3.0.10

  • Samba 3.0.11

  • Samba 3.0.12

  • Samba 3.0.13

  • Samba 3.0.14

  • Samba 3.0.14a

  • Samba 3.0.15

  • Samba 3.0.16

  • Samba 3.0.17

  • Samba 3.0.18

  • Samba 3.0.19

  • Samba 3.0.2

  • Samba 3.0.20a

  • Samba 3.0.20b

  • Samba 3.0.21

  • Samba 3.0.21a

  • Samba 3.0.21b

  • Samba 3.0.21c

  • Samba 3.0.22

  • Samba 3.0.3

  • Samba 3.0.4

  • Samba 3.0.5

  • Samba 3.0.6

  • Samba 3.0.7

  • Samba 3.0.8

  • Samba 3.0.9


References

CERT - TA06-333A

CERT-VN - VU#313836

BID - 18927

CONFIRM - http://www.samba.org/samba/security/CAN-2006-3403.html

SECUNIA - 20983

SECUNIA - 20980

VUPEN - ADV-2006-4750

VUPEN - ADV-2006-4502

VUPEN - ADV-2006-2745

HP - HPSBUX02155

XF - samba-smbd-connection-dos(27648)

CONFIRM - http://www.vmware.com/download/esx/esx-213-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-202-200610-patch.html

UBUNTU - USN-314-1

BUGTRAQ - 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

BUGTRAQ - 20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit

BUGTRAQ - 20060720 Samba Internal Data Structures DOS Vulnerability Exploit

BUGTRAQ - 20060711 rPSA-2006-0128-1 samba samba-swat

BUGTRAQ - 20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

BUGTRAQ - 20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

REDHAT - RHSA-2006:0591

SUSE - SUSE-SR:2006:017

MANDRIVA - MDKSA-2006:120

DEBIAN - DSA-1110

SLACKWARE - SSA:2006-195

SECTRACK - 1016459

MISC - http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html

GENTOO - GLSA-200607-10

SECUNIA - 23155

SECUNIA - 22875

SECUNIA - 21262

SECUNIA - 21190

SECUNIA - 21187

SECUNIA - 21159

SECUNIA - 21143

SECUNIA - 21086

SECUNIA - 21046

SECUNIA - 21019

SECUNIA - 21018

APPLE - APPLE-SA-2006-11-28

CONFIRM - http://docs.info.apple.com/article.html?artnum=304829

SGI - 20060703-01-P

HP - SSRT061235

Related Patches

Apple 2006-11-28 Security Update 2006-007 Mac OS X 10.4.8 (PPC)

Apple 2006-11-28 Security Update 2006-007 Mac OS X 10.4.8 Server (PPC)

Apple 2006-11-28 Security Update 2006-007 Mac OS X 10.4.8 (Intel)


Last Updated: 27 May 2016 10:42:35