VDB
CVE-2004-0930
CVE-2004-0930
PUBLISHED
CVSS 5 MEDIUM
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
EPSS 6.06% · 90.9th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
6.06%
90.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| redhat | fedora_core | core_2.0, * |
| gentoo | linux | |
| sgi | samba | 3.0.3, 3.0.4, 3.0.5 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0, 2.1, 2.1 |
| redhat | linux_advanced_workstation | 2.1, 2.1 |
| n/a | n/a | * |
| conectiva | linux | 10.0 |
| samba | samba | 3.0.6, 3.0.7, 3.0.4 |
Timeline
- CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 27, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- USN-22-1 vendor-advisory
- samba-msfnmatch-dos(17987) vdb
- MDKSA-2004:131 vendor-advisory
- CLA-2004:899 vendor-advisory
- 20041108 Samba SMBD Remote Denial of Service Vulnerability third-party-advisory
- 101783 vendor-advisory
- OpenPKG-SA-2004.054 vendor-advisory
- APPLE-SA-2005-03-21 vendor-advisory
- GLSA-200411-21 vendor-advisory
- 11624 vdb
- 20041201-01-P vendor-advisory
- SUSE-SA:2004:040 vendor-advisory
- oval:org.mitre.oval:def:10936 vdb
- SCOSA-2005.17 vendor-advisory
- 20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2004-0930 advisory
- https://www.ubuntu.com/usn/usn-22-1 url