ID de Prueba:	1.3.6.1.4.1.25623.1.0.150719
Categoría:	Buffer overflow
Título:	Samba 3.0.0 <= 3.0.7 Multiple Vulnerabilities
Resumen:	Samba is prone to multiple vulnerabilities.
Descripción:	Summary: Samba is prone to multiple vulnerabilities. Vulnerability Insight: - CVE-2004-0882: Invalid bounds checking in reply to certain trans2 requests could result in a buffer overrun in smbd. In order to exploit this defect, the attacker must be able to create files with very specific Unicode filenames on the Samba share. - CVE-2004-0930: A bug in the input validation routines used to match filename strings containing wildcard characters may allow a user to consume more than normal amounts of CPU cycles thus impacting the performance and response of the server. In some circumstances the server can become entirely unresponsive. Affected Software/OS: Samba versions 3.0.0 through 3.0.7. Solution: Update to version 3.0.8 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0882 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html Bugtraq: 20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=110054671403755&w=2 Bugtraq: 20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd (Google Search) http://marc.info/?l=bugtraq&m=110055646329581&w=2 Bugtraq: 20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=110330519803655&w=2 CERT/CC vulnerability note: VU#457622 http://www.kb.cert.org/vuls/id/457622 Computer Incident Advisory Center Bulletin: P-038 http://www.ciac.org/ciac/bulletins/p-038.shtml Conectiva Linux advisory: CLA-2004:899 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://security.e-matters.de/advisories/132004.html http://www.osvdb.org/11782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969 SCO Security Bulletin: SCOSA-2005.17 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt http://securitytracker.com/id?1012235 http://secunia.com/advisories/13189 SGI Security Advisory: 20041201-01-P ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P SuSE Security Announcement: SUSE-SA:2004:040 (Google Search) http://www.novell.com/linux/security/advisories/2004_40_samba.html http://www.trustix.net/errata/2004/0058/ XForce ISS Database: samba-qfilepathinfo-bo(18070) https://exchange.xforce.ibmcloud.com/vulnerabilities/18070 Common Vulnerability Exposure (CVE) ID: CVE-2004-0930 BugTraq ID: 11624 http://www.securityfocus.com/bid/11624 Bugtraq: 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=109993720717957&w=2 http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false http://www.mandriva.com/security/advisories?name=MDKSA-2004:131 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1 https://www.ubuntu.com/usn/usn-22-1/ XForce ISS Database: samba-msfnmatch-dos(17987) https://exchange.xforce.ibmcloud.com/vulnerabilities/17987
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.