Vulnerabilidad en Samba versiones 3.0.1 hasta la 3.0.22, demonio smdb (smbdservice.c), Denegación de Servicio (CVE-2006-3403)
Gravedad CVSS v2.0:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
12/07/2006
Última modificación:
03/04/2025
Descripción
El demonio smdb (smbd/service.c) en Samba versiones 3.0.1 hasta la 3.0.22, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un gran número de peticiones de conexión compartida.
Impacto
Puntuación base 2.0
5.00
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:* | ||
| cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
- http://docs.info.apple.com/article.html?artnum=304829
- http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
- http://secunia.com/advisories/20980
- http://secunia.com/advisories/20983
- http://secunia.com/advisories/21018
- http://secunia.com/advisories/21019
- http://secunia.com/advisories/21046
- http://secunia.com/advisories/21086
- http://secunia.com/advisories/21143
- http://secunia.com/advisories/21159
- http://secunia.com/advisories/21187
- http://secunia.com/advisories/21190
- http://secunia.com/advisories/21262
- http://secunia.com/advisories/22875
- http://secunia.com/advisories/23155
- http://security.gentoo.org/glsa/glsa-200607-10.xml
- http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html
- http://securitytracker.com/id?1016459=
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876
- http://www.debian.org/security/2006/dsa-1110
- http://www.kb.cert.org/vuls/id/313836
- http://www.mandriva.com/security/advisories?name=MDKSA-2006%3A120
- http://www.novell.com/linux/security/advisories/2006_17_sr.html
- http://www.redhat.com/support/errata/RHSA-2006-0591.html
- http://www.samba.org/samba/security/CAN-2006-3403.html
- http://www.securityfocus.com/archive/1/439757/100/0/threaded
- http://www.securityfocus.com/archive/1/439875/100/0/threaded
- http://www.securityfocus.com/archive/1/439880/100/100/threaded
- http://www.securityfocus.com/archive/1/440767/100/0/threaded
- http://www.securityfocus.com/archive/1/440836/100/0/threaded
- http://www.securityfocus.com/archive/1/448957/100/0/threaded
- http://www.securityfocus.com/archive/1/448957/100/0/threaded
- http://www.securityfocus.com/archive/1/451404/100/0/threaded
- http://www.securityfocus.com/archive/1/451417/100/200/threaded
- http://www.securityfocus.com/archive/1/451426/100/200/threaded
- http://www.securityfocus.com/bid/18927
- http://www.ubuntu.com/usn/usn-314-1
- http://www.us-cert.gov/cas/techalerts/TA06-333A.html
- http://www.vmware.com/download/esx/esx-202-200610-patch.html
- http://www.vmware.com/download/esx/esx-213-200610-patch.html
- http://www.vupen.com/english/advisories/2006/2745
- http://www.vupen.com/english/advisories/2006/4502
- http://www.vupen.com/english/advisories/2006/4750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355
- ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
- http://docs.info.apple.com/article.html?artnum=304829
- http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
- http://secunia.com/advisories/20980
- http://secunia.com/advisories/20983
- http://secunia.com/advisories/21018
- http://secunia.com/advisories/21019
- http://secunia.com/advisories/21046
- http://secunia.com/advisories/21086
- http://secunia.com/advisories/21143
- http://secunia.com/advisories/21159
- http://secunia.com/advisories/21187
- http://secunia.com/advisories/21190
- http://secunia.com/advisories/21262
- http://secunia.com/advisories/22875
- http://secunia.com/advisories/23155
- http://security.gentoo.org/glsa/glsa-200607-10.xml
- http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html
- http://securitytracker.com/id?1016459=
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876
- http://www.debian.org/security/2006/dsa-1110
- http://www.kb.cert.org/vuls/id/313836
- http://www.mandriva.com/security/advisories?name=MDKSA-2006%3A120
- http://www.novell.com/linux/security/advisories/2006_17_sr.html
- http://www.redhat.com/support/errata/RHSA-2006-0591.html
- http://www.samba.org/samba/security/CAN-2006-3403.html
- http://www.securityfocus.com/archive/1/439757/100/0/threaded
- http://www.securityfocus.com/archive/1/439875/100/0/threaded
- http://www.securityfocus.com/archive/1/439880/100/100/threaded
- http://www.securityfocus.com/archive/1/440767/100/0/threaded
- http://www.securityfocus.com/archive/1/440836/100/0/threaded
- http://www.securityfocus.com/archive/1/448957/100/0/threaded
- http://www.securityfocus.com/archive/1/448957/100/0/threaded
- http://www.securityfocus.com/archive/1/451404/100/0/threaded
- http://www.securityfocus.com/archive/1/451417/100/200/threaded
- http://www.securityfocus.com/archive/1/451426/100/200/threaded
- http://www.securityfocus.com/bid/18927
- http://www.ubuntu.com/usn/usn-314-1
- http://www.us-cert.gov/cas/techalerts/TA06-333A.html
- http://www.vmware.com/download/esx/esx-202-200610-patch.html
- http://www.vmware.com/download/esx/esx-213-200610-patch.html
- http://www.vupen.com/english/advisories/2006/2745
- http://www.vupen.com/english/advisories/2006/4502
- http://www.vupen.com/english/advisories/2006/4750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355