FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0930

This CVE name corresponds to:

Entered Topic
2004-11-12 samba -- potential remote DoS vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-0930
Phase Assigned(20041004)

Description

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

References

Source Reference
IDEFENSE 20041108 Samba SMBD Remote Denial of Service Vulnerability
BUGTRAQ 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability
APPLE APPLE-SA-2005-03-21
CONECTIVA CLA-2004:899
GENTOO GLSA-200411-21
MANDRAKE MDKSA-2004:131
SCO SCOSA-2005.17
SGI 20041201-01-P
SUNALERT 101783
SUSE SUSE-SA:2004:040
UBUNTU USN-22-1
OPENPKG OpenPKG-SA-2004.054
BID 11624
OVAL oval:org.mitre.oval:def:10936
XF samba-msfnmatch-dos(17987)