CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
96.2%
The smbd daemon maintains internal data structures used track
active connections to file and printer shares. In certain
circumstances an attacker may be able to continually increase
the memory usage of an smbd process by issuing a large number
of share connection requests. This defect affects all Samba
configurations.
A patch for Samba 3.0.1 - 3.0.22 has been posted at
http://www.samba.org/samba/security/.
Guidelines for securing Samba hosts are listed at
http://www.samba.org/samba/docs/server_security.html
This security issue discovered during an internal security
audit of the Samba source code by the Samba Team.
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team