Bugzilla – Bug 63019
VUL-0: CVE-2004-0930: Potential Remote Denial of Service +Vulnerability in Samba 3.0.x <= 3.0.7
Last modified: 2021-10-13 10:21:04 UTC
From: "Gerald (Jerry) Carter" <jerry@samba.org> To: vendor-sec@lst.de Subject: [vendor-sec] [SAMBA] CAN-2004-0930: Potential Remote Denial of Service +Vulnerability in Samba 3.0.x <= 3.0.7 This is just a heads up to all interested vendors about a security announcement and release happening later today, Nov 8. The bug is fixed in 3.0.8. Sorry for not giving you more lead time on this one. Look for the public announcement around 09:00 CST (GMT-6) Monday, Nov 8 (today). cheers, jerry - ---------------------------------------------------------- Subject: Potential Remote Denial of Service CVE #: CAN-2004-0930 Affected Versions: Samba 3.0.x <= 3.0.7 Summary: A remote attacker could cause and smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Patch Availability - ------------------ A patch for Samba 3.0.7 has been attached to this announcement. The patch has been signed with the "Samba Distribution Verification Key" (key id F17F9772). Description - ----------- A bug in the input validation routines used to match filename strings containing wildcard characters may allow a user to consume more than normal amounts of CPU cycles thus impacting the performance and response of the server. In some circumstances the server can become entirely unresponsive. Protecting Unpatched Servers - ---------------------------- The Samba Team always encourages users to run the latest stable release as a defense of against attacks. However, under certain circumstances it may not be possible to immediately upgrade important installations. In such cases, administrators should read the "Server Security" documentation found at http://www.samba.org/samba/docs/server_security.html. Credits - -------- This security issue was reported to Samba developers by iDEFENSE (http://www.idefense.com/). Karol Wiesek is credited with this discovery. - -- Our Code, Our Bugs, Our Responsibility. -- The Samba Team
<!-- SBZ_reproduce --> n/a
Created attachment 25863 [details] samba-3.0.7-CAN-2004-0930.patch patch to fix issue.
Start to work on the fix for SLES 9, 9.1, and 9.2.
Packages fixed, mbuilt, and submitted for SLES9 and 9.2. Patchinfo files written and submitted. Assign to the securtity-team for further processing.
thanks. i wrote a luafzettel already, waiting for checkin and qa now.
Connect to a share with smbclient and call dir ***********************************************a
packages approved, advisory released.
CVE-2004-0930: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)