- Overview
- Features
- Architecture & Open API
- Try NeXpose
- Buy NeXpose
- System Requirements
- Vulnerabilities Tested
- NeXpose Information
Search Hints:
Try searching for a product or vendor.
Only vulnerabilities that match all search terms will be returned.
Enclose search terms in double quotes for an exact search.
For CVE searches, only enter the CVE-YYYY-XXXX code.
Try searching for a product or vendor.
Only vulnerabilities that match all search terms will be returned.
Enclose search terms in double quotes for an exact search.
For CVE searches, only enter the CVE-YYYY-XXXX code.
NeXpose Vulnerability Database
< Previous Next >Samba File Renaming Denial of Service Vulnerability
Severity |
CVSS |
Published |
Added |
Modified |
|---|---|---|---|---|
| Critical (10) | 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Feb 5, 2007 | Aug 31, 2007 | Sep 21, 2007 |
Description:
Certain versions of Samba are vulnerable to a denial of service condition when handling deferred file open operations during file renaming requests. Successful exploitation allows an authenticated attacker to put the daemon in an infinite loop, causing all functionality to halt.
Solution:
Upgrade to Samba 3.0.24
Download and apply the upgrade from: http://us1.samba.org/samba/ftp/old-versions/samba-3.0.24.tar.gz
Information on these pages is summary information extracted from the NeXpose Vulnerabilty Assessment system. Full details are provided within the NeXpose product for licensed users.