[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-0930Date: (C)2005-01-27   (M)2023-12-22


The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SUNALERT-101783
BID-11624
http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false
http://marc.info/?l=bugtraq&m=109993720717957&w=2
20041201-01-P
APPLE-SA-2005-03-21
CLA-2004:899
http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
MDKSA-2004:131
OpenPKG-SA-2004.054
SCOSA-2005.17
SUSE-SA:2004:040
USN-22-1
oval:org.mitre.oval:def:10936
samba-msfnmatch-dos(17987)

CPE    9
cpe:/a:samba:samba:3.0.7
cpe:/a:samba:samba:3.0.5
cpe:/a:samba:samba:3.0.6
cpe:/a:samba:samba:3.0.3
...

© SecPod Technologies