Remote Denial of Service Vulnerability in Samba Software
CVE-2004-0930

Currently unrated

Key Information:

Vendor

Samba

Status
Samba
Linux
Vendor
CVE Published:
27 January 2005
đź”” Create Samba Vulnerability Alert

What is CVE-2004-0930?

The ms_fnmatch function in specific versions of Samba, such as 3.0.4 and 3.0.7, enables remote authenticated users to initiate a denial of service attack. This is accomplished by sending a SAMBA request that includes multiple wildcard characters, leading to excessive CPU consumption which can disrupt server functionality. It is crucial for system administrators to apply necessary patches to mitigate this vulnerability and maintain system integrity.

References

https://www.ubuntu.com/usn/usn-22-1/
vendor-advisoryx_refsource_UBUNTU
https://exchange.xforce.ibmcloud.com/vulnerabilities/17987
vdb-entryx_refsource_XF
http://www.mandriva.com/security/advisories?name=MDKSA-20...
vendor-advisoryx_refsource_MANDRAKE

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.