CVE Vulnerabilities

CVE-2004-0930

Published: Jan 27, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

Affected Software

Name Vendor Start Version End Version
Samba Samba 3.0.0 (including) 3.0.0 (including)
Samba Samba 3.0.3 (including) 3.0.3 (including)
Samba Samba 3.0.4 (including) 3.0.4 (including)
Samba Samba 3.0.5 (including) 3.0.5 (including)
Samba Samba 3.0.6 (including) 3.0.6 (including)
Samba Samba 3.0.7 (including) 3.0.7 (including)
Samba Sgi 3.0 (including) 3.0 (including)
Samba Sgi 3.0.1 (including) 3.0.1 (including)
Samba Sgi 3.0.2 (including) 3.0.2 (including)
Samba Sgi 3.0.3 (including) 3.0.3 (including)
Samba Sgi 3.0.4 (including) 3.0.4 (including)
Samba Sgi 3.0.5 (including) 3.0.5 (including)
Samba Sgi 3.0.6 (including) 3.0.6 (including)
Samba Sgi 3.0.7 (including) 3.0.7 (including)
Linux Conectiva 10.0 (including) 10.0 (including)
Red Hat Enterprise Linux 3 RedHat samba-0:3.0.7-1.3E.1 *
Samba Ubuntu devel *

References