CVSS: 2.7EPSS: 2%CPEs: 52EXPL: 0CVE-2014-3493 – samba: smbd unicode path names denial of service
https://notcve.org/view.php?id=CVE-2014-3493
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. La función push_ascii en smbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a usuarios remotos autenticados causar una denegación de servicio (corrupción de memoria y caída de demonio) a través de in intento de leer un nombre de ruta Unicode sin especificar el uso de Unicode, que conduce a un fallo de conversión de configuración de carácter que provoca una referencia a puntero inválida. It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. • http://advisories.mageia.org/MGASA-2014-0279.html http://linux.oracle.com/errata/ELSA-2014-0866.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html http://rhn.redhat.com/errata/RHSA-2014-0866.html http://secunia.com/advisories/59378 http://secunia.com/advisories/59407 http://secunia.com/advisories/59433 http://secunia.com/advisories/59579 http://secunia.com/advisories/598 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-393: Return of Wrong Status Code •
CVSS: 3.3EPSS: 5%CPEs: 52EXPL: 0CVE-2014-0244 – samba: nmbd denial of service
https://notcve.org/view.php?id=CVE-2014-0244
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. La función sys_recvfrom en nmbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un paquete UDP malformado. A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. • http://advisories.mageia.org/MGASA-2014-0279.html http://linux.oracle.com/errata/ELSA-2014-0866.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html http://rhn.redhat.com/errata/RHSA-2014-0866.html http://secunia.com/advisories/59378 http://secunia.com/advisories/59407 http://secunia.com/advisories/59433 http://secunia.com/advisories/59579 http://secunia.com/advisories/598 • CWE-20: Improper Input Validation •