CVE-2006-3403

Severity

50%

Complexity

99%

Confidentiality

48%

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

Samba

First reported 18 years ago

2006-07-12 19:05:00

Last updated 6 years ago

2018-10-18 16:47:00

Affected Software

Samba 3.0.1

3.0.1

Samba 3.0.2

3.0.2

Samba 3.0.3

3.0.3

Samba 3.0.4

3.0.4

Samba 3.0.5

3.0.5

Samba 3.0.6

3.0.6

Samba 3.0.7

3.0.7

Samba 3.0.8

3.0.8

Samba 3.0.9

3.0.9

Samba 3.0.10

3.0.10

Samba 3.0.11

3.0.11

Samba 3.0.12

3.0.12

Samba 3.0.13

3.0.13

Samba 3.0.14

3.0.14

Samba 3.0.14a

3.0.14a

Samba 3.0.15

3.0.15

Samba 3.0.16

3.0.16

Samba 3.0.17

3.0.17

Samba 3.0.18

3.0.18

Samba 3.0.19

3.0.19

Samba 3.0.20a

3.0.20a

Samba 3.0.20b

3.0.20b

Samba 3.0.21

3.0.21

Samba 3.0.21a

3.0.21a

Samba 3.0.21b

3.0.21b

Samba 3.0.21c

3.0.21c

Samba 3.0.22

3.0.22

References

20060703-01-P

http://docs.info.apple.com/article.html?artnum=304829

APPLE-SA-2006-11-28

20980

Patch, Vendor Advisory

20983

Patch, Vendor Advisory

21018

21019

21046

21086

21143

21159

21187

21190

21262

22875

23155

GLSA-200607-10

http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html

1016459

SSA:2006-195

DSA-1110

VU#313836

US Government Resource

MDKSA-2006:120

SUSE-SR:2006:017

RHSA-2006:0591

http://www.samba.org/samba/security/CAN-2006-3403.html

Patch

20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd

20060711 rPSA-2006-0128-1 samba samba-swat

20060720 Samba Internal Data Structures DOS Vulnerability Exploit

20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit

HPSBUX02155

20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2

18927

Patch

USN-314-1

TA06-333A

US Government Resource

http://www.vmware.com/download/esx/esx-202-200610-patch.html

http://www.vmware.com/download/esx/esx-213-200610-patch.html

ADV-2006-2745

ADV-2006-4502

ADV-2006-4750

samba-smbd-connection-dos(27648)

oval:org.mitre.oval:def:11355

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.