Test ID:	1.3.6.1.4.1.25623.1.0.150718
Category:	Denial of Service
Title:	Samba 3.0.0 <= 3.0.6 Multiple Vulnerabilities
Summary:	Samba 3.0.x <= 3.0.6 DoS Vulnerabilities
Description:	Summary: Samba 3.0.x <= 3.0.6 DoS Vulnerabilities Vulnerability Insight: - CVE-2004-0807: A defect in smbd's ASN.1 parsing allows an attacker to send a specially crafted packet during the authentication request which will send the newly spawned smbd process into an infinite loop. Given enough of these packets, it is possible to exhaust the available memory on the server. - CVE-2004-0808: A defect in nmbd's process of mailslot packets can allow an attacker to anonymously crash nmbd. Affected Software/OS: Samba versions 3.0.0 through 3.0.6. Solution: Update to version 3.0.7 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0807 Bugtraq: 20040913 Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808) (Google Search) http://marc.info/?l=bugtraq&m=109509335230495&w=2 Bugtraq: 20040915 [OpenPKG-SA-2004.040] OpenPKG Security Advisory (samba) (Google Search) http://marc.info/?l=bugtraq&m=109526231623307&w=2 Conectiva Linux advisory: CLA-2004:873 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141 http://www.redhat.com/support/errata/RHSA-2004-467.html SGI Security Advisory: 20041201-01-P ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://www.trustix.net/errata/2004/0046/ Common Vulnerability Exposure (CVE) ID: CVE-2004-0808 http://www.idefense.com/application/poi/display?id=138&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10344
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.