CVE-2004-0930
https://notcve.org/view.php?id=CVE-2004-0930
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=109993720717957&w=2 http://marc.info/?l=bugtraq&m=110330519803655&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1 http://www.gentoo.org/ •
CVE-2004-0807
https://notcve.org/view.php?id=CVE-2004-0807
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. • ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109509335230495&w=2 http://marc.info/?l=bugtraq&m=109526231623307&w=2 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php? •
CVE-2002-1318
https://notcve.org/view.php?id=CVE-2002-1318
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. Desbordamiento de búfer en Samba 2.2.2 a 2.2.6 permite a atacantes remotos causar una denegación de servicio y posíblemente ejecutar código arbitrario mediante una contraseña cifrada que causa un desbordamiento durante el descifrado en la cual una cadena de página de códigos DOS es convertida a una cadena unicode UCS2 little-endian. • ftp://patches.sgi.com/support/free/security/advisories/20021204-01-I http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000550 http://marc.info/?l=bugtraq&m=103801986818076&w=2 http://marc.info/?l=bugtraq&m=103859045302448&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/53580 http://us1.samba.org/samba/whatsnew/samba-2.2.7.html http://www.ciac.org/ciac/bulletins/n-019.shtml http://www.ciac.org/ciac/bulletins/n-023.shtml http://www. •