[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0452Date: (C)2007-02-05   (M)2023-12-22


smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1017587
SUNALERT-200588
2007-0007
20070201-01-P
http://www.securityfocus.com/archive/1/459167/100/0/threaded
http://www.securityfocus.com/archive/1/459365/100/0/threaded
SREASON-2219
BID-22395
SECUNIA-24021
SECUNIA-24030
SECUNIA-24046
SECUNIA-24060
SECUNIA-24067
SECUNIA-24076
SECUNIA-24101
SECUNIA-24140
SECUNIA-24145
SECUNIA-24151
SECUNIA-24188
SECUNIA-24284
SECUNIA-24792
OSVDB-33100
ADV-2007-0483
ADV-2007-1278
DSA-1257
FEDORA-2007-219
FEDORA-2007-220
GLSA-200702-01
MDKSA-2007:034
RHSA-2007:0060
RHSA-2007:0061
SSA:2007-038-01
SSRT071341
SUSE-SA:2007:016
USN-419-1
http://us1.samba.org/samba/security/CVE-2007-0452.html
https://issues.rpath.com/browse/RPL-1005
oval:org.mitre.oval:def:9758
samba-smbd-filerename-dos(32301)

CPE    22
cpe:/a:samba:samba:3.0.14a
cpe:/a:samba:samba:3.0.21a
cpe:/a:samba:samba:3.0.23c
cpe:/a:samba:samba:3.0.23b
...

© SecPod Technologies