FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- potential remote DoS vulnerability

Affected packages
3.* < samba < 3.0.8
3.*,1 < samba < 3.0.8,1

Details

VuXML ID ba13dc13-340d-11d9-ac1b-000d614f7fad
Discovery 2004-09-30
Entry 2004-11-12
Modified 2008-09-26

Karol Wiesek at iDEFENSE reports:

A remote attacker could cause an smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters.

[source]

Although samba.org classifies this as a DoS vulnerability, several members of the security community believe it may be exploitable for arbitrary code execution.

References

CVE Name CVE-2004-0930
FreeBSD PR ports/73701
URL http://us4.samba.org/samba/security/CAN-2004-0930.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.