NVD脆弱性詳細

CVE-2006-3403

概要	The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
公表日	2006年7月13日4:05
登録日	2021年1月29日15:40
最終更新日	2018年10月19日1:47

CVSS2.0 : MEDIUM
スコア	5.0
ベクター	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:samba:samba:3.0.1:::::::*
cpe:2.3:a:samba:samba:3.0.2:::::::*
cpe:2.3:a:samba:samba:3.0.3:::::::*
cpe:2.3:a:samba:samba:3.0.4:::::::*
cpe:2.3:a:samba:samba:3.0.5:::::::*
cpe:2.3:a:samba:samba:3.0.6:::::::*
cpe:2.3:a:samba:samba:3.0.7:::::::*
cpe:2.3:a:samba:samba:3.0.8:::::::*
cpe:2.3:a:samba:samba:3.0.9:::::::*
cpe:2.3:a:samba:samba:3.0.10:::::::*
cpe:2.3:a:samba:samba:3.0.11:::::::*
cpe:2.3:a:samba:samba:3.0.12:::::::*
cpe:2.3:a:samba:samba:3.0.13:::::::*
cpe:2.3:a:samba:samba:3.0.14:::::::*
cpe:2.3:a:samba:samba:3.0.14a:::::::*
cpe:2.3:a:samba:samba:3.0.15:::::::*
cpe:2.3:a:samba:samba:3.0.16:::::::*
cpe:2.3:a:samba:samba:3.0.17:::::::*
cpe:2.3:a:samba:samba:3.0.18:::::::*
cpe:2.3:a:samba:samba:3.0.19:::::::*
cpe:2.3:a:samba:samba:3.0.20a:::::::*
cpe:2.3:a:samba:samba:3.0.20b:::::::*
cpe:2.3:a:samba:samba:3.0.21:::::::*
cpe:2.3:a:samba:samba:3.0.21a:::::::*
cpe:2.3:a:samba:samba:3.0.21b:::::::*
cpe:2.3:a:samba:samba:3.0.21c:::::::*
cpe:2.3:a:samba:samba:3.0.22:::::::*

関連情報、対策とツール

No	URL	refsource	タグ
1	ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc	SGI
2	http://docs.info.apple.com/article.html?artnum=304829	CONFIRM
3	http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html	APPLE
4	http://secunia.com/advisories/20980	SECUNIA	Patch Vendor Advisory
5	http://secunia.com/advisories/20983	SECUNIA	Patch Vendor Advisory
6	http://secunia.com/advisories/21018	SECUNIA
7	http://secunia.com/advisories/21019	SECUNIA
8	http://secunia.com/advisories/21046	SECUNIA
9	http://secunia.com/advisories/21086	SECUNIA
10	http://secunia.com/advisories/21143	SECUNIA
11	http://secunia.com/advisories/21159	SECUNIA
12	http://secunia.com/advisories/21187	SECUNIA
13	http://secunia.com/advisories/21190	SECUNIA
14	http://secunia.com/advisories/21262	SECUNIA
15	http://secunia.com/advisories/22875	SECUNIA
16	http://secunia.com/advisories/23155	SECUNIA
17	http://security.gentoo.org/glsa/glsa-200607-10.xml	GENTOO
18	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html	MISC
19	http://securitytracker.com/id?1016459	SECTRACK
20	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876	SLACKWARE
21	http://www.debian.org/security/2006/dsa-1110	DEBIAN
22	http://www.kb.cert.org/vuls/id/313836	CERT-VN	US Government Resource
23	http://www.mandriva.com/security/advisories?name=MDKSA-2006:120	MANDRIVA
24	http://www.novell.com/linux/security/advisories/2006_17_sr.html	SUSE
25	http://www.redhat.com/support/errata/RHSA-2006-0591.html	REDHAT
26	http://www.samba.org/samba/security/CAN-2006-3403.html	CONFIRM	Patch
27	http://www.securityfocus.com/archive/1/439757/100/0/threaded	BUGTRAQ
28	http://www.securityfocus.com/archive/1/439875/100/0/threaded	BUGTRAQ
29	http://www.securityfocus.com/archive/1/439880/100/100/threaded	BUGTRAQ
30	http://www.securityfocus.com/archive/1/440767/100/0/threaded	BUGTRAQ
31	http://www.securityfocus.com/archive/1/440836/100/0/threaded	BUGTRAQ
32	http://www.securityfocus.com/archive/1/448957/100/0/threaded	HP
33	http://www.securityfocus.com/archive/1/451404/100/0/threaded	BUGTRAQ
34	http://www.securityfocus.com/archive/1/451417/100/200/threaded	BUGTRAQ
35	http://www.securityfocus.com/archive/1/451426/100/200/threaded	BUGTRAQ
36	http://www.securityfocus.com/bid/18927	BID	Patch
37	http://www.ubuntu.com/usn/usn-314-1	UBUNTU
38	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	CERT	US Government Resource
39	http://www.vmware.com/download/esx/esx-202-200610-patch.html	CONFIRM
40	http://www.vmware.com/download/esx/esx-213-200610-patch.html	CONFIRM
41	http://www.vupen.com/english/advisories/2006/2745	VUPEN
42	http://www.vupen.com/english/advisories/2006/4502	VUPEN
43	http://www.vupen.com/english/advisories/2006/4750	VUPEN
44	https://exchange.xforce.ibmcloud.com/vulnerabilities/27648	XF
45	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355	OVAL

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:a:samba:samba:3.0.1:::::::*
cpe:2.3:a:samba:samba:3.0.2:::::::*
cpe:2.3:a:samba:samba:3.0.3:::::::*
cpe:2.3:a:samba:samba:3.0.4:::::::*
cpe:2.3:a:samba:samba:3.0.5:::::::*
cpe:2.3:a:samba:samba:3.0.6:::::::*
cpe:2.3:a:samba:samba:3.0.7:::::::*
cpe:2.3:a:samba:samba:3.0.8:::::::*
cpe:2.3:a:samba:samba:3.0.9:::::::*
cpe:2.3:a:samba:samba:3.0.10:::::::*
cpe:2.3:a:samba:samba:3.0.11:::::::*
cpe:2.3:a:samba:samba:3.0.12:::::::*
cpe:2.3:a:samba:samba:3.0.13:::::::*
cpe:2.3:a:samba:samba:3.0.14:::::::*
cpe:2.3:a:samba:samba:3.0.14a:::::::*
cpe:2.3:a:samba:samba:3.0.15:::::::*
cpe:2.3:a:samba:samba:3.0.16:::::::*
cpe:2.3:a:samba:samba:3.0.17:::::::*
cpe:2.3:a:samba:samba:3.0.18:::::::*
cpe:2.3:a:samba:samba:3.0.19:::::::*
cpe:2.3:a:samba:samba:3.0.20a:::::::*
cpe:2.3:a:samba:samba:3.0.20b:::::::*
cpe:2.3:a:samba:samba:3.0.21:::::::*
cpe:2.3:a:samba:samba:3.0.21a:::::::*
cpe:2.3:a:samba:samba:3.0.21b:::::::*
cpe:2.3:a:samba:samba:3.0.21c:::::::*
cpe:2.3:a:samba:samba:3.0.22:::::::*