Vulnerability Name: CVE-2004-0807 (CCN-17325)

Assigned: 2004-09-13
Published: 2004-09-13
Updated: 2017-10-11
Summary: Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service
References:

Source: CCN
Type: SGI Security Advisory 20041001-01-U
SGI Advanced Linux Environment 3 Security Update #13

Source: SGI
Type: UNKNOWN
20041201-01-P

Source: MITRE
Type: CNA
CVE-2004-0807

Source: CONECTIVA
Type: Patch, Vendor Advisory
CLA-2004:873

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2004:873
Fix for samba vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20040913 Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)

Source: BUGTRAQ
Type: UNKNOWN
20040915 [OpenPKG-SA-2004.040] OpenPKG Security Advisory (samba)

Source: CCN
Type: RHSA-2004-467
samba security update

Source: CCN
Type: Slackware-security Mailing List, Mon, 13 Sep 2004 23:31:52 -0700 (PDT)
[slackware-security] samba DoS (SSA:2004-257-01)

Source: CCN
Type: Samba Web site
Samba - opening windows to a wider world

Source: CCN
Type: Samba History Web page
Release Notes for Samba 3.0.7

Source: CCN
Type: GLSA-200409-16
Samba: Denial of Service vulnerabilities

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200409-16

Source: CCN
Type: iDEFENSE Security Advisory 09.13.04
Samba 3.x SMBD Remote Denial of Service Vulnerability

Source: IDEFENSE
Type: Patch, Vendor Advisory
20040913 Samba 3.x SMBD Remote Denial of Service Vulnerability

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:092

Source: CCN
Type: OpenPKG-SA-2004.040
Samba

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2004:467

Source: CCN
Type: BID-11156
Samba Multiple ASN.1 and MailSlot Parsing Remote Denial Of Service Vulnerabilities

Source: TRUSTIX
Type: Patch, Vendor Advisory
2004-0046

Source: XF
Type: UNKNOWN
samba-asn1-smbd-dos(17325)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11141

Source: SUSE
Type: SUSE-SA:2004:032
apache2: remote denial-of-service

Source: SUSE
Type: SUSE-SA:2004:034
XFree86-libs xshared: remote command execution

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:samba:samba:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.2a:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.1:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.2:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.3:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.4:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.5:*:irix:*:*:*:*:*
  • OR cpe:/a:sgi:samba:3.0.6:*:irix:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10.0:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:samba:samba:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.2a:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:samba:samba:3.0.5:*:*:*:*:*:*:*
  • AND
  • cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:slackware:slackware_linux:current:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*

* Denotes that component is vulnerable

OVAL Definitions:

Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:11141 | V | Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | 2013-04-29
oval:org.opensuse.security:def:20040807 | V | CVE-2004-0807 | 2012-08-30
oval:com.redhat.rhsa:def:20040467 | P | RHSA-2004:467: samba security update (Important) | 2004-09-23