Veracode Vulnerability DatabaseVERACODE:23912Denial Of Service (DoS)
0.005 Low
EPSS
Percentile
75.3%
Samba is vulnerable to Denial of Service (DoS). A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions.
References
lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
news.samba.org/releases/3.0.37/
news.samba.org/releases/3.2.15/
news.samba.org/releases/3.3.8/
news.samba.org/releases/3.4.2/
osvdb.org/58519
samba.org/samba/security/CVE-2009-2906.html
secunia.com/advisories/36893
secunia.com/advisories/36918
secunia.com/advisories/36937
secunia.com/advisories/36953
secunia.com/advisories/37428
slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439
sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1
support.apple.com/kb/HT4077
wiki.rpath.com/Advisories:rPSA-2009-0145
www.redhat.com/security/updates/classification/#moderate
www.securityfocus.com/archive/1/507856/100/0/threaded
www.securityfocus.com/bid/36573
www.securitytracker.com/id?1022976
www.ubuntu.com/usn/USN-839-1
www.vupen.com/english/advisories/2009/2810
access.redhat.com/errata/RHSA-2009:1528
access.redhat.com/errata/RHSA-2009:1529
access.redhat.com/errata/RHSA-2009:1585
access.redhat.com/security/cve/CVE-2009-2906
bugzilla.redhat.com/show_bug.cgi?id=526645
exchange.xforce.ibmcloud.com/vulnerabilities/53575
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944
www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html
www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html
Related
