The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
Software | From | Fixed in |
---|---|---|
samba / samba | 3.0.0 | 3.0.0.x |
samba / samba | 3.0.3 | 3.0.3.x |
samba / samba | 3.0.4 | 3.0.4.x |
samba / samba | 3.0.5 | 3.0.5.x |
samba / samba | 3.0.6 | 3.0.6.x |
samba / samba | 3.0.7 | 3.0.7.x |
redhat / enterprise_linux | 2.1 | 2.1.x |
redhat / enterprise_linux | 3.0 | 3.0.x |
redhat / enterprise_linux_desktop | 3.0 | 3.0.x |
conectiva / linux | 10.0 | 10.0.x |
redhat / linux_advanced_workstation | 2.1 | 2.1.x |
gentoo / linux | - | - |
redhat / fedora_core | core_2.0 | core_2.0.x |
redhat / fedora_core | core_3.0 | core_3.0.x |
sgi / samba | 3.0 | 3.0.x |
sgi / samba | 3.0.1 | 3.0.1.x |
sgi / samba | 3.0.2 | 3.0.2.x |
sgi / samba | 3.0.3 | 3.0.3.x |
sgi / samba | 3.0.4 | 3.0.4.x |
sgi / samba | 3.0.5 | 3.0.5.x |
sgi / samba | 3.0.6 | 3.0.6.x |
sgi / samba | 3.0.7 | 3.0.7.x |