CVE-2007-0452 - smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (

CVE-2007-0452

Summary

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.

References

Vulnerable Configurations

cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23a:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23b:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23c:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2018 - 16:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:C

oval via4

accepted

2013-04-29T04:21:54.520-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:9758

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

bugzilla

id	1618269
title	CVE-2007-0452 security flaw

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhba:tst:20070304025

AND
comment samba is earlier than 0:3.0.10-1.4E.11
oval oval:com.redhat.rhsa:tst:20070060001
comment samba is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060591002
AND
comment samba-client is earlier than 0:3.0.10-1.4E.11
oval oval:com.redhat.rhsa:tst:20070060003
comment samba-client is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060591004
AND
comment samba-common is earlier than 0:3.0.10-1.4E.11
oval oval:com.redhat.rhsa:tst:20070060005
comment samba-common is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060591006
AND
comment samba-swat is earlier than 0:3.0.10-1.4E.11
oval oval:com.redhat.rhsa:tst:20070060007
comment samba-swat is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060591008

rhsa

id	RHSA-2007:0060
released	2007-02-15
severity	Moderate
title	RHSA-2007:0060: samba security update (Moderate)

bugzilla

id	1618269
title	CVE-2007-0452 security flaw

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment samba is earlier than 0:3.0.23c-2.el5.2
oval oval:com.redhat.rhsa:tst:20070061001
comment samba is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070061002
AND
comment samba-client is earlier than 0:3.0.23c-2.el5.2
oval oval:com.redhat.rhsa:tst:20070061003
comment samba-client is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070061004
AND
comment samba-common is earlier than 0:3.0.23c-2.el5.2
oval oval:com.redhat.rhsa:tst:20070061005
comment samba-common is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070061006
AND
comment samba-swat is earlier than 0:3.0.23c-2.el5.2
oval oval:com.redhat.rhsa:tst:20070061007
comment samba-swat is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070061008

rhsa

id	RHSA-2007:0061
released	2007-03-14
severity	Moderate
title	RHSA-2007:0061: samba security update (Moderate)

rpms

samba-0:3.0.10-1.4E.11
samba-0:3.0.9-1.3E.12
samba-client-0:3.0.10-1.4E.11
samba-client-0:3.0.9-1.3E.12
samba-common-0:3.0.10-1.4E.11
samba-common-0:3.0.9-1.3E.12
samba-debuginfo-0:3.0.10-1.4E.11
samba-debuginfo-0:3.0.9-1.3E.12
samba-swat-0:3.0.10-1.4E.11
samba-swat-0:3.0.9-1.3E.12
samba-0:3.0.23c-2.el5.2
samba-client-0:3.0.23c-2.el5.2
samba-common-0:3.0.23c-2.el5.2
samba-debuginfo-0:3.0.23c-2.el5.2
samba-swat-0:3.0.23c-2.el5.2

refmap via4

bid	22395
bugtraq	20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d 20070207 rPSA-2007-0026-1 samba samba-swat
confirm	http://us1.samba.org/samba/security/CVE-2007-0452.html https://issues.rpath.com/browse/RPL-1005
debian	DSA-1257
fedora	FEDORA-2007-219 FEDORA-2007-220
gentoo	GLSA-200702-01
hp	HPSBUX02204 SSRT071341
mandriva	MDKSA-2007:034
osvdb	33100
sectrack	1017587
secunia	24021 24030 24046 24060 24067 24076 24101 24140 24145 24151 24188 24284 24792
sgi	20070201-01-P
slackware	SSA:2007-038-01
sreason	2219
sunalert	200588
suse	SUSE-SA:2007:016
trustix	2007-0007
ubuntu	USN-419-1
vupen	ADV-2007-0483 ADV-2007-1278
xf	samba-smbd-filerename-dos(32301)

Last major update

16-10-2018 - 16:32

Published

06-02-2007 - 02:28

Last modified

16-10-2018 - 16:32