CVE-2007-0452

Published: 06/02/2007 Updated: 16/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Vulnerability Summary

smbd in Samba 3.0.6 up to and including 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.

Vulnerable Product

samba samba 3.0.14a

samba samba 3.0.20

samba samba 3.0.23

samba samba 3.0.23a

samba samba 3.0.9

samba samba 3.0.12

samba samba 3.0.13

samba samba 3.0.21c

samba samba 3.0.22

samba samba 3.0.7

samba samba 3.0.8

samba samba 3.0.20a

samba samba 3.0.20b

samba samba 3.0.21

samba samba 3.0.23b

samba samba 3.0.23c

samba samba 3.0.10

samba samba 3.0.11

samba samba 3.0.21a

samba samba 3.0.21b

samba samba 3.0.23d

samba samba 3.0.6

Vendor Advisories

A flaw was discovered in Samba’s file opening code, which in certain situations could lead to an endless loop, resulting in a denial of service (CVE-2007-0452) ...

References

NVD-CWE-Other

http://us1.samba.org/samba/security/CVE-2007-0452.html

https://issues.rpath.com/browse/RPL-1005

http://www.debian.org/security/2007/dsa-1257

http://fedoranews.org/cms/node/2579

http://fedoranews.org/cms/node/2580

http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml

http://www.redhat.com/support/errata/RHSA-2007-0060.html

http://www.redhat.com/support/errata/RHSA-2007-0061.html

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916

http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html

http://www.trustix.org/errata/2007/0007

http://www.ubuntu.com/usn/usn-419-1

http://www.securityfocus.com/bid/22395

http://securitytracker.com/id?1017587

http://secunia.com/advisories/24021

http://secunia.com/advisories/24060

http://secunia.com/advisories/24030

http://secunia.com/advisories/24067

http://secunia.com/advisories/24101

http://secunia.com/advisories/24046

http://secunia.com/advisories/24151

http://secunia.com/advisories/24145

http://secunia.com/advisories/24076

http://secunia.com/advisories/24140

http://secunia.com/advisories/24188

http://secunia.com/advisories/24792

http://www.mandriva.com/security/advisories?name=MDKSA-2007:034

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

http://secunia.com/advisories/24284

http://securityreason.com/securityalert/2219

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1

http://osvdb.org/33100

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462

http://www.vupen.com/english/advisories/2007/0483

http://www.vupen.com/english/advisories/2007/1278

https://exchange.xforce.ibmcloud.com/vulnerabilities/32301

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9758

http://www.securityfocus.com/archive/1/459365/100/0/threaded

http://www.securityfocus.com/archive/1/459167/100/0/threaded

https://usn.ubuntu.com/419-1/

https://nvd.nist.gov