| VID | Severity | Port | Protocol | Class |
|---|---|---|---|---|
| 23096 | 20 | 139 | TCP | Samba |
| Detailed Description |
The Samba server, according to its version number, is affected by the wildcard denial-of-service vulnerability. Samba is an Open Source/Free Software package that provides seamless file and print services to SMB/CIFS clients. Samba versions 3.0.x through 3.0.7 are vulnerable to a remote denial of service attack. The problem lies in the ms_fnmatch() routine, which, when parsing '*' characters within a pattern, falls into an exponentially growing loop. An authenticated remote attacker can exhaust the server's resources by sending multiple malformed commands to an affected server. A request as simple as 'dir ***********************************************z' can trigger this condition, leading to 100% CPU usage.
* Note: If this check relied solely on the version number of the remote Samba server to assess this vulnerability, the result might be a false positive.
* References: http://us4.samba.org/samba/security/CAN-2004-0930.html ; http://archives.neohapsis.com/archives/bugtraq/2004-11/0090.html ; http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities
* Platforms Affected: Samba Project: Samba versions 3.0.x through 3.0.7; Linux: any version; Unix: any version |
| Recommendation |
Upgrade to the latest version of Samba (3.0.8 or later), available from the Samba website at http://samba.org/samba/samba.html
For Samba 3.0.7: Apply the CAN-2004-0930 patch, available from the iDEFENSE Security Advisory at http://www.samba.org/samba/ftp/patches/security/samba-3.0.7-CAN-2004-0930.patch
For Mandrake Linux: Upgrade to the latest samba package, as listed in MandrakeSoft Security Advisory MDKSA-2004:131 at http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:131
For Gentoo Linux: Upgrade to the latest version of samba (3.0.8 or later, or a release prior to 3.0), as listed in Gentoo Linux Security Advisory GLSA 200411-21 at http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
For Ubuntu Linux: Upgrade to the latest version of samba (3.0.7-1ubuntu6.1 or later), as listed in Ubuntu Security Notice USN-22-1 at http://www.ubuntulinux.org/support/documentation/usn/usn-22-1
For other distributions: Contact your vendor for upgrade or patch information. |
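The note in the description warns that a version-only check can yield a false positive, and the Ubuntu recommendation shows why: 3.0.7-1ubuntu6.1 keeps the 3.0.7 upstream number yet carries the CAN-2004-0930 fix. The following is an added example (not the scanner's own check) of a banner assessment that applies the advisory's 3.0.0 through 3.0.7 range but consults a table of vendor backports before raising a finding; the banner format, the `assess` function and the shape of the backport table are assumptions of this example.

```python
import re

# Affected range stated by the advisory: Samba 3.0.0 through 3.0.7, fixed in 3.0.8.
AFFECTED_MIN = (3, 0, 0)
FIXED_IN = (3, 0, 8)

# Vendor packages that carry the fix under a pre-3.0.8 upstream number. The Ubuntu
# entry is taken from USN-22-1 on the page; the table shape is this example's own.
BACKPORTED_FIX = {"ubuntu": [("3.0.7", "1ubuntu6.1")]}

# Assumed banner layout: "Samba <major>.<minor>.<patch>[-<vendor release>]".
_BANNER_RE = re.compile(r"Samba\s+(\d+)\.(\d+)\.(\d+)(?:-([\w.]+))?", re.I)


def parse_samba_version(banner):
    """Return ((major, minor, patch), vendor_release or None), or None if absent."""
    m = _BANNER_RE.search(banner)
    if not m:
        return None
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4)


def vendor_release_key(rel):
    """Sortable key for a vendor release string such as '1ubuntu6.1'."""
    parts = re.findall(r"\d+|[a-z]+", rel.lower())
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in parts)


def assess(banner, distro=None):
    """Classify a banner: vulnerable, fixed, fixed-by-backport, not-affected, unknown."""
    parsed = parse_samba_version(banner)
    if parsed is None:
        return "unknown", "no Samba version in banner"
    upstream, rel = parsed
    if upstream >= FIXED_IN:
        return "fixed", "upstream 3.0.8 or later"
    if upstream < AFFECTED_MIN:
        return "not-affected", "outside the 3.0.x range named in the advisory"
    # Inside 3.0.0..3.0.7: consult vendor backports before raising a finding.
    if distro and rel:
        for base, min_rel in BACKPORTED_FIX.get(distro.lower(), []):
            base_t = tuple(int(x) for x in base.split("."))
            if upstream == base_t and vendor_release_key(rel) >= vendor_release_key(min_rel):
                return "fixed-by-backport", f"{distro} {base}-{rel} includes the CAN-2004-0930 fix"
    return "vulnerable", "version-only match; confirm patch level to rule out a false positive"


if __name__ == "__main__":
    for banner, distro in [("Samba 3.0.7", None), ("Samba 3.0.7-1ubuntu6.1", "ubuntu"),
                           ("Samba 3.0.8", None), ("Samba 2.2.12", None)]:
        print(banner, "->", assess(banner, distro))
```

A banner inside the affected range with no known backport is still reported as vulnerable, but with a note that the verdict rests on the version number alone.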
| Related URL | Source |
|---|---|
| CVE-2004-0930 | CVE |
| 11624 | SecurityFocus |
| 17987 | ISS |