NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2004-0930

Summary	The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
Publication Date	Jan. 27, 2005, 2 p.m.
Registration Date	Jan. 29, 2021, 6 p.m.
Last Update	Oct. 11, 2017, 10:29 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:samba:samba:3.0.0:::::::*
cpe:2.3:a:samba:samba:3.0.3:::::::*
cpe:2.3:a:samba:samba:3.0.4:::::::*
cpe:2.3:a:samba:samba:3.0.5:::::::*
cpe:2.3:a:samba:samba:3.0.6:::::::*
cpe:2.3:a:samba:samba:3.0.7:::::::*
cpe:2.3:a:sgi:samba:3.0::irix:::::
cpe:2.3:a:sgi:samba:3.0.1::irix:::::
cpe:2.3:a:sgi:samba:3.0.2::irix:::::
cpe:2.3:a:sgi:samba:3.0.3::irix:::::
cpe:2.3:a:sgi:samba:3.0.4::irix:::::
cpe:2.3:a:sgi:samba:3.0.5::irix:::::
cpe:2.3:a:sgi:samba:3.0.6::irix:::::
cpe:2.3:a:sgi:samba:3.0.7::irix:::::
cpe:2.3:o:conectiva:linux:10.0:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:gentoo:linux::::::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
cpe:2.3:o:redhat:enterprise_linux:2.1::workstation_ia64:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
cpe:2.3:o:redhat:enterprise_linux:3.0::workstation_server:::::
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
cpe:2.3:o:redhat:fedora_core:core_2.0:::::::*
cpe:2.3:o:redhat:fedora_core:core_3.0:::::::*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::ia64:::::
cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium_processor:::::

Related information, measures and tools

No	URL	refsource	タグ
1	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt	SCO
2	ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P	SGI
3	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899	CONECTIVA
4	http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html	APPLE
5	http://marc.info/?l=bugtraq&m=109993720717957&w=2	BUGTRAQ
6	http://marc.info/?l=bugtraq&m=110330519803655&w=2	OPENPKG
7	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1	SUNALERT
8	http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml	GENTOO
9	http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false	IDEFENSE	Exploit Patch Vendor Advisory
10	http://www.mandriva.com/security/advisories?name=MDKSA-2004:131	MANDRAKE
11	http://www.novell.com/linux/security/advisories/2004_40_samba.html	SUSE
12	http://www.securityfocus.com/bid/11624	BID	Patch Vendor Advisory
13	https://exchange.xforce.ibmcloud.com/vulnerabilities/17987	XF
14	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936	OVAL
15	https://www.ubuntu.com/usn/usn-22-1/	UBUNTU

Common Vulnerabilities List