Category:   Application (File Transfer/Sharing)  >   Samba Vendors:
(Sun Issues Fix) Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1014287
SecurityTracker URL:
CVE Reference:   CVE-2004-0930
Updated:  Oct 18 2006
Original Entry Date:  Jun 24 2005
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 3.0 through 3.0.7
Description:   An input validation vulnerability was reported in Samba. A remote authenticated user may be able to cause denial of service conditions.

The vendor reported that there is a flaw in the matching of filenames containing wildcard characters. A remote user can cause the target smbd process to consume excessive CPU resources and, in some cases, cause the system to stop responding.

The vendor credits iDEFENSE with reporting this flaw.

iDEFENSE reported that the flaw resides in the ms_fnmatch() function and can be triggered by sending a command that contains multiple asterisk characters, such as the following command:

dir ***********************************************z
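
The CPU cost of matching a run of asterisks can be reproduced with a generic backtracking wildcard matcher and compared against a bounded one. This C code is an added example, not Samba's ms_fnmatch() source and not the vendor's fix; the names naive_match, bounded_match and cost are hypothetical.

```c
#include <stddef.h>

typedef int (*matcher)(const char *, const char *);
static unsigned long steps;              /* work done by the last cost() call */

/* Textbook backtracking matcher (illustration, not Samba's ms_fnmatch()):
 * every '*' retries each remaining suffix of the name. */
int naive_match(const char *p, const char *n)
{
    steps++;
    if (*p == '\0')
        return *n == '\0';
    if (*p != '*')
        return *n && (*p == '?' || *p == *n) && naive_match(p + 1, n + 1);
    for (;; n++) {
        if (naive_match(p + 1, n))
            return 1;
        if (*n == '\0')
            return 0;
    }
}

/* Bounded matcher: collapses runs of '*' and keeps a single backtrack
 * point, so the worst case is proportional to len(pattern) * len(name). */
int bounded_match(const char *p, const char *n)
{
    const char *star = NULL, *mark = NULL;
    for (; *n != '\0'; steps++) {
        if (*p == '*') {
            while (*p == '*') p++;
            star = p; mark = n;
        } else if (*p == '?' || *p == *n) {
            p++; n++;
        } else if (star != NULL) {
            p = star; n = ++mark;
        } else {
            return 0;
        }
    }
    while (*p == '*') p++;
    return *p == '\0';
}

/* Run one matcher and report how many steps it took. */
unsigned long cost(matcher fn, const char *p, const char *n, int *hit)
{
    steps = 0;
    *hit = fn(p, n);
    return steps;
}
```

For the constructed pattern `********z` against a 12-character name containing no `z`, cost(naive_match, ...) exceeds 100,000 steps while cost(bounded_match, ...) is 13, and the gap widens with each additional asterisk.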

Impact:   A remote authenticated user can cause excessive CPU consumption on the target system, potentially causing the system to become unresponsive.
Solution:   Sun has issued the following fixes.

SPARC Platform

* Solaris 9 with patch 114684-05 or later
* Solaris 10 with patch 119757-01 or later

x86 Platform

* Solaris 9 with patch 114685-05 or later
* Solaris 10 with patch 119758-01 or later

The Sun advisory is available at:

Vendor URL:
Cause:   Input validation error, State error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  9, 10

Message History:   This archive entry is a follow-up to the message listed below.
Nov 8 2004 Samba Input Validation Error in ms_fnmatch() Lets Remote Authenticated Users Deny Service
