CVE-2004-0807
published 2004-09-13CVE-2004-0807: Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
5.50%
91.8th percentile
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| debian | samba | < samba 3.0.7 (bookworm) | samba 3.0.7 (bookworm) |
| mandrakesoft | mandrake_linux | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | — | — |
| samba | samba | >= 0 < 3.0.7 | 3.0.7 |
| samba | samba | >= 0 < 3.0.7 | 3.0.7 |
| samba | samba | >= 0 < 3.0.7 | 3.0.7 |
| samba | samba | >= 0 < 3.0.7 | 3.0.7 |
| sgi | samba | — | — |
| sgi | samba | — | — |
| sgi | samba | — | — |
| sgi | samba | — | — |
| sgi | samba | — | — |
| sgi | samba | — | — |
| sgi | samba | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2004-09-13·CVSS 5.0
CVE-2004-0807 [MEDIUM] security flaw
security flaw
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Debian
CVE-2004-0807: samba - Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (in...
vendor_debian·2004·CVSS 5.0
CVE-2004-0807 [MEDIUM] CVE-2004-0807: samba - Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (in...
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Scope: local
bookworm: resolved (fixed in 3.0.7)
bullseye: resolved (fixed in 3.0.7)
forky: resolved (fixed in 3.0.7)
sid: resolved (fixed in 3.0.7)
trixie: resolved (fixed in 3.0.7)
GHSA
GHSA-8w98-f339-9fh8: Samba 3
ghsa_unreviewed·2022-05-03
CVE-2004-0807 [MEDIUM] GHSA-8w98-f339-9fh8: Samba 3
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
OSV
CVE-2004-0807: Samba 3
osv·2004-09-13·CVSS 5.0
CVE-2004-0807 [MEDIUM] CVE-2004-0807: Samba 3
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
No detection rules found.
No public exploits indexed.
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-Phttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873http://marc.info/?l=bugtraq&m=109509335230495&w=2http://marc.info/?l=bugtraq&m=109526231623307&w=2http://www.gentoo.org/security/en/glsa/glsa-200409-16.xmlhttp://www.idefense.com/application/poi/display?id=139&type=vulnerabilitieshttp://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092http://www.redhat.com/support/errata/RHSA-2004-467.htmlhttp://www.trustix.net/errata/2004/0046/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141ftp://patches.sgi.com/support/free/security/advisories/20041201-01-Phttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873http://marc.info/?l=bugtraq&m=109509335230495&w=2http://marc.info/?l=bugtraq&m=109526231623307&w=2http://www.gentoo.org/security/en/glsa/glsa-200409-16.xmlhttp://www.idefense.com/application/poi/display?id=139&type=vulnerabilitieshttp://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092http://www.redhat.com/support/errata/RHSA-2004-467.htmlhttp://www.trustix.net/errata/2004/0046/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
2004-09-13
Published