Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2004-0930

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

Related bugs and status

CVE-2004-0930 (Candidate) is related to these bugs:

Bug #10017: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7

Summary				In	Importance	Status
	10017	Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7		samba (Ubuntu)	Critical	Fix Released

Bug #10278: samba: new changes from Debian require merging

Summary				In	Importance	Status
	10278	samba: new changes from Debian require merging		samba (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

APPLE: APPLE-SA-2005-03-21
SCO: SCOSA-2005.17
SGI: 20041201-01-P
SUSE: SUSE-SA:2004:040
BID: 11624
SUNALERT: 101783
MANDRAKE: MDKSA-2004:131
GENTOO: GLSA-200411-21
UBUNTU: USN-22-1
IDEFENSE: 20041108 Samba SMBD Re...
BUGTRAQ: 20041108 [SECURITY] CA...
CONECTIVA: CLA-2004:899
OPENPKG: OpenPKG-SA-2004.054
XF: samba-msfnmatch-dos(17...
OVAL: oval:org.mitre.oval:de...