Vulnerability-Lookup

CVE-2006-3403 (GCVE-0-2006-3403)

Vulnerability from cvelistv5 – Published: 2006-07-12 23:00 – Updated: 2024-08-07 18:30

Summary

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.ubuntu.com/usn/usn-314-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/21187	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4750	vdb-entryx_refsource_VUPEN
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://securitytracker.com/id?1016459	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/20983	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/2745	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2006/4502	vdb-entryx_refsource_VUPEN
	http://securitydot.net/xpl/exploits/vulnerabiliti…	x_refsource_MISC
	http://www.samba.org/samba/security/CAN-2006-3403.html	x_refsource_CONFIRM
	http://docs.info.apple.com/article.html?artnum=304829	x_refsource_CONFIRM
	http://secunia.com/advisories/22875	third-party-advisoryx_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://www.vmware.com/download/esx/esx-202-200610…	x_refsource_CONFIRM
	http://secunia.com/advisories/21190	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21086	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/451426/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vmware.com/download/esx/esx-213-200610…	x_refsource_CONFIRM
	http://secunia.com/advisories/21262	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/439880/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/439875/100…	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/313836	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/23155	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/18927	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/21019	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20980	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/440836/100…	mailing-listx_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2006-05…	vendor-advisoryx_refsource_REDHAT
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/archive/1/448957/100…	vendor-advisoryx_refsource_HP
	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/archive/1/451404/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/21046	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21159	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/448957/100…	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/archive/1/440767/100…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2006/dsa-1110	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/archive/1/439757/100…	mailing-listx_refsource_BUGTRAQ
	http://security.gentoo.org/glsa/glsa-200607-10.xml	vendor-advisoryx_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/archive/1/451417/100…	mailing-listx_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/21143	third-party-advisoryx_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI
	http://secunia.com/advisories/21018	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:32.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-314-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-314-1"
          },
          {
            "name": "21187",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21187"
          },
          {
            "name": "ADV-2006-4750",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "name": "SUSE-SR:2006:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
          },
          {
            "name": "1016459",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016459"
          },
          {
            "name": "20983",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20983"
          },
          {
            "name": "ADV-2006-2745",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2745"
          },
          {
            "name": "ADV-2006-4502",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4502"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "name": "22875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22875"
          },
          {
            "name": "SSA:2006-195",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
          },
          {
            "name": "21190",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21190"
          },
          {
            "name": "21086",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21086"
          },
          {
            "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
          },
          {
            "name": "21262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21262"
          },
          {
            "name": "20060711 rPSA-2006-0128-1 samba samba-swat",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
          },
          {
            "name": "20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
          },
          {
            "name": "VU#313836",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/313836"
          },
          {
            "name": "23155",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "name": "18927",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18927"
          },
          {
            "name": "samba-smbd-connection-dos(27648)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
          },
          {
            "name": "21019",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21019"
          },
          {
            "name": "20980",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20980"
          },
          {
            "name": "20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
          },
          {
            "name": "RHSA-2006:0591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
          },
          {
            "name": "APPLE-SA-2006-11-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
          },
          {
            "name": "HPSBUX02155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
          },
          {
            "name": "TA06-333A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
          },
          {
            "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
          },
          {
            "name": "21046",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21046"
          },
          {
            "name": "21159",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21159"
          },
          {
            "name": "SSRT061235",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
          },
          {
            "name": "20060720 Samba Internal Data Structures DOS Vulnerability Exploit",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
          },
          {
            "name": "DSA-1110",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1110"
          },
          {
            "name": "20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
          },
          {
            "name": "GLSA-200607-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11355",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
          },
          {
            "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
          },
          {
            "name": "MDKSA-2006:120",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
          },
          {
            "name": "21143",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21143"
          },
          {
            "name": "20060703-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
          },
          {
            "name": "21018",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21018"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-10T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-314-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-314-1"
        },
        {
          "name": "21187",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21187"
        },
        {
          "name": "ADV-2006-4750",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4750"
        },
        {
          "name": "SUSE-SR:2006:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
        },
        {
          "name": "1016459",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016459"
        },
        {
          "name": "20983",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20983"
        },
        {
          "name": "ADV-2006-2745",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2745"
        },
        {
          "name": "ADV-2006-4502",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4502"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=304829"
        },
        {
          "name": "22875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22875"
        },
        {
          "name": "SSA:2006-195",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
        },
        {
          "name": "21190",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21190"
        },
        {
          "name": "21086",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21086"
        },
        {
          "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
        },
        {
          "name": "21262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21262"
        },
        {
          "name": "20060711 rPSA-2006-0128-1 samba samba-swat",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
        },
        {
          "name": "20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
        },
        {
          "name": "VU#313836",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/313836"
        },
        {
          "name": "23155",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23155"
        },
        {
          "name": "18927",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18927"
        },
        {
          "name": "samba-smbd-connection-dos(27648)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
        },
        {
          "name": "21019",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21019"
        },
        {
          "name": "20980",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20980"
        },
        {
          "name": "20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
        },
        {
          "name": "RHSA-2006:0591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
        },
        {
          "name": "APPLE-SA-2006-11-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
        },
        {
          "name": "HPSBUX02155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
        },
        {
          "name": "TA06-333A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
        },
        {
          "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
        },
        {
          "name": "21046",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21046"
        },
        {
          "name": "21159",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21159"
        },
        {
          "name": "SSRT061235",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
        },
        {
          "name": "20060720 Samba Internal Data Structures DOS Vulnerability Exploit",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
        },
        {
          "name": "DSA-1110",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1110"
        },
        {
          "name": "20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
        },
        {
          "name": "GLSA-200607-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:11355",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
        },
        {
          "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
        },
        {
          "name": "MDKSA-2006:120",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
        },
        {
          "name": "21143",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21143"
        },
        {
          "name": "20060703-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
        },
        {
          "name": "21018",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21018"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3403",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-314-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-314-1"
            },
            {
              "name": "21187",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21187"
            },
            {
              "name": "ADV-2006-4750",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4750"
            },
            {
              "name": "SUSE-SR:2006:017",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
            },
            {
              "name": "1016459",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016459"
            },
            {
              "name": "20983",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20983"
            },
            {
              "name": "ADV-2006-2745",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2745"
            },
            {
              "name": "ADV-2006-4502",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4502"
            },
            {
              "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html",
              "refsource": "MISC",
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
            },
            {
              "name": "http://www.samba.org/samba/security/CAN-2006-3403.html",
              "refsource": "CONFIRM",
              "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=304829",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=304829"
            },
            {
              "name": "22875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22875"
            },
            {
              "name": "SSA:2006-195",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
            },
            {
              "name": "21190",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21190"
            },
            {
              "name": "21086",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21086"
            },
            {
              "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
            },
            {
              "name": "21262",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21262"
            },
            {
              "name": "20060711 rPSA-2006-0128-1 samba samba-swat",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
            },
            {
              "name": "20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
            },
            {
              "name": "VU#313836",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/313836"
            },
            {
              "name": "23155",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23155"
            },
            {
              "name": "18927",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18927"
            },
            {
              "name": "samba-smbd-connection-dos(27648)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
            },
            {
              "name": "21019",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21019"
            },
            {
              "name": "20980",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20980"
            },
            {
              "name": "20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
            },
            {
              "name": "RHSA-2006:0591",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
            },
            {
              "name": "APPLE-SA-2006-11-28",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
            },
            {
              "name": "HPSBUX02155",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
            },
            {
              "name": "TA06-333A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
            },
            {
              "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
            },
            {
              "name": "21046",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21046"
            },
            {
              "name": "21159",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21159"
            },
            {
              "name": "SSRT061235",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
            },
            {
              "name": "20060720 Samba Internal Data Structures DOS Vulnerability Exploit",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
            },
            {
              "name": "DSA-1110",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1110"
            },
            {
              "name": "20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
            },
            {
              "name": "GLSA-200607-10",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:11355",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
            },
            {
              "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
            },
            {
              "name": "MDKSA-2006:120",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
            },
            {
              "name": "21143",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21143"
            },
            {
              "name": "20060703-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
            },
            {
              "name": "21018",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21018"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3403",
    "datePublished": "2006-07-12T23:00:00.000Z",
    "dateReserved": "2006-07-06T04:00:00.000Z",
    "dateUpdated": "2024-08-07T18:30:32.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-4X79-6W4J-GWX6

Vulnerability from github – Published: 2022-05-03 03:16 – Updated: 2022-05-03 03:16

Details

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3403"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-12T19:05:00Z",
    "severity": "MODERATE"
  },
  "details": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.",
  "id": "GHSA-4x79-6w4j-gwx6",
  "modified": "2022-05-03T03:16:02Z",
  "published": "2022-05-03T03:16:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3403"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=304829"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20980"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20983"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21018"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21019"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21046"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21086"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21143"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21159"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21187"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21190"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21262"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23155"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
    },
    {
      "type": "WEB",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016459"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1110"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/313836"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
    },
    {
      "type": "WEB",
      "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18927"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-314-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2745"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4750"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2006-AVI-458

Vulnerability from certfr_avis - Published: 2006-10-20 - Updated: 2006-10-20

Cette vulnérabilité permet à un utilisateur mal intentionné de contouner la politique de sécurité et d'augmenter ses privilèges.

Description

Une vulnérabilité présente dans HP CIFS Server (Samba) permet à un utilisateur mal intentionné d'accèder à des données non-autorisées ou d'augmenter ses privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	HP-UX B.11.23 (11i v2) utilisant HP CIFS Server versions antérieures à A.02.03.
	N/A	N/A	HP-UX B.11.11 (11i v1) utilisant HP CIFS Server versions antérieures à A.02.03 ;

References

Title

Publication Time

Tags

Bulletin de sécurité HP du 25 septembre 2006	None	vendor-advisory
Avis du CERTA du 13 juillet 2006 :	-	other
Bulletin de sécurité HP c00774481 du 25 septembre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP-UX B.11.23 (11i v2) utilisant HP CIFS Server versions ant\u00e9rieures \u00e0 A.02.03.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX B.11.11 (11i v1) utilisant HP CIFS Server versions ant\u00e9rieures \u00e0 A.02.03 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans HP CIFS Server (Samba) permet \u00e0 un\nutilisateur mal intentionn\u00e9 d\u0027acc\u00e8der \u00e0 des donn\u00e9es non-autoris\u00e9es ou\nd\u0027augmenter ses privil\u00e8ges.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
    }
  ],
  "initial_release_date": "2006-10-20T00:00:00",
  "last_revision_date": "2006-10-20T00:00:00",
  "links": [
    {
      "title": "Avis du CERTA du 13 juillet 2006 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-294"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c00774481 du 25 septembre 2006 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00774481"
    }
  ],
  "reference": "CERTA-2006-AVI-458",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-10-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Cette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur mal intentionn\u00e9 de contouner\nla politique de s\u00e9curit\u00e9 et d\u0027augmenter ses privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans HP CIFS Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP du 25 septembre 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-517

Vulnerability from certfr_avis - Published: 2006-11-29 - Updated: 2006-11-29

De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Certaines pourraient, si elles sont exploitées par une personne malveillante, provoquer l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Parmi celles-ci :

une vulnérabilité des pilotes de cartes sans-fil Airport : ils n'interpreteraient pas correctement des paquets répondant à une requête de sondage (de type Probe). Une personne malveillante pourrait donc émettre un paquet malformé, en réponse à une requête, afin de provoquer l'exécution de commandes arbitraires à distance. Les solutions de sécurité comme WPA, VPN, 802.11i ne protègent pas de cette catégorie d'attaques visant directement le pilote de la carte réseau. Le CERTA mentionne ce problème dans le bulletin d'actualité CERTA-2006-ACT-046 ;
une vulnérabilité de CFNetwork : les URI (pour Uniform Resource Identifier) FTP ne sont pas validées correctement. Une personne pourrait, en visitant un site FTP construit de manière malveillante, lancer à son insu des commandes FTP contre un site tiers ;
plusieurs vulnérabilités dans clamAV pour Mac OS X Server ;
des vulnérabilités dans OpenSSL pour MacOS. Celles-ci ont été abordées dans des avis du CERTA, notamment CERTA-2006-AVI-421 et CERTA-2006-AVI-448 ;
des vulnérabilités de PHP : certaines ont été décrites dans l'avis du CERTA CERTA-2006-AVI-481 ;
une vulnérabilité de PPP : une personne malveillante pourrait, sur le même réseau qu'une machine vulnérable, envoyer un paquet spécialement conçu, afin de perturber PPPoE. Cela permettrait sous certaines conditions d'exécuter des commandes arbitraires à distance. PPPoE n'est cependant pas activé par défaut.

Solution

Se référer au bulletin de sécurité de l'éditeur Apple pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple Mac OS X Server v10.3.9 ;
Apple	N/A	Apple Mac OS X v10.4.8 ;
Apple	N/A	Apple Mac OS X Server v10.4.8.
Apple	N/A	Apple Mac OS X v10.3.9 ;

References

Title

Publication Time

Tags

Bulletin de mises à jour Apple 2006-007 du 28 novembre 2006	None	vendor-advisory
Bulletin d'actualité du CERTA CERTA-2006-ACT-046 du 17 novembre 2006 :	-	other
Avis du CERTA CERTA-2006-AVI-448 du 11 octobre 2006 :	-	other
Bulletin de sécurité Apple 2006-007 du 28 novembre 2006 :	-	other
Avis du CERTA CERTA-2006-AVI-421 du 03 octobre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Mac OS X Server v10.3.9 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X v10.4.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X Server v10.4.8.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X v10.3.9 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Parmi celles-ci :\n\n-   une vuln\u00e9rabilit\u00e9 des pilotes de cartes sans-fil Airport : ils\n    n\u0027interpreteraient pas correctement des paquets r\u00e9pondant \u00e0 une\n    requ\u00eate de sondage (de type Probe). Une personne malveillante\n    pourrait donc \u00e9mettre un paquet malform\u00e9, en r\u00e9ponse \u00e0 une requ\u00eate,\n    afin de provoquer l\u0027ex\u00e9cution de commandes arbitraires \u00e0 distance.\n    Les solutions de s\u00e9curit\u00e9 comme WPA, VPN, 802.11i ne prot\u00e8gent pas\n    de cette cat\u00e9gorie d\u0027attaques visant directement le pilote de la\n    carte r\u00e9seau. Le CERTA mentionne ce probl\u00e8me dans le bulletin\n    d\u0027actualit\u00e9 CERTA-2006-ACT-046 ;\n-   une vuln\u00e9rabilit\u00e9 de CFNetwork : les URI (pour Uniform Resource\n    Identifier) FTP ne sont pas valid\u00e9es correctement. Une personne\n    pourrait, en visitant un site FTP construit de mani\u00e8re malveillante,\n    lancer \u00e0 son insu des commandes FTP contre un site tiers ;\n-   plusieurs vuln\u00e9rabilit\u00e9s dans clamAV pour Mac OS X Server ;\n-   des vuln\u00e9rabilit\u00e9s dans OpenSSL pour MacOS. Celles-ci ont \u00e9t\u00e9\n    abord\u00e9es dans des avis du CERTA, notamment CERTA-2006-AVI-421 et\n    CERTA-2006-AVI-448 ;\n-   des vuln\u00e9rabilit\u00e9s de PHP : certaines ont \u00e9t\u00e9 d\u00e9crites dans l\u0027avis\n    du CERTA CERTA-2006-AVI-481 ;\n-   une vuln\u00e9rabilit\u00e9 de PPP : une personne malveillante pourrait, sur\n    le m\u00eame r\u00e9seau qu\u0027une machine vuln\u00e9rable, envoyer un paquet\n    sp\u00e9cialement con\u00e7u, afin de perturber PPPoE. Cela permettrait sous\n    certaines conditions d\u0027ex\u00e9cuter des commandes arbitraires \u00e0\n    distance. PPPoE n\u0027est cependant pas activ\u00e9 par d\u00e9faut.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur Apple pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4339"
    },
    {
      "name": "CVE-2006-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1990"
    },
    {
      "name": "CVE-2006-4398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4398"
    },
    {
      "name": "CVE-2006-5465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5465"
    },
    {
      "name": "CVE-2006-4403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4403"
    },
    {
      "name": "CVE-2006-2940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2940"
    },
    {
      "name": "CVE-2006-4182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4182"
    },
    {
      "name": "CVE-2006-4404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4404"
    },
    {
      "name": "CVE-2006-4334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4334"
    },
    {
      "name": "CVE-2006-4343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4343"
    },
    {
      "name": "CVE-2006-4408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4408"
    },
    {
      "name": "CVE-2006-4335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4335"
    },
    {
      "name": "CVE-2006-4396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4396"
    },
    {
      "name": "CVE-2006-4401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4401"
    },
    {
      "name": "CVE-2006-4407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4407"
    },
    {
      "name": "CVE-2006-3403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
    },
    {
      "name": "CVE-2006-4400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4400"
    },
    {
      "name": "CVE-2006-4336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4336"
    },
    {
      "name": "CVE-2006-4337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4337"
    },
    {
      "name": "CVE-2006-4402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4402"
    },
    {
      "name": "CVE-2006-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3738"
    },
    {
      "name": "CVE-2006-1490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1490"
    },
    {
      "name": "CVE-2006-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2937"
    },
    {
      "name": "CVE-2006-4409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4409"
    },
    {
      "name": "CVE-2006-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4410"
    },
    {
      "name": "CVE-2006-4411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4411"
    },
    {
      "name": "CVE-2006-5710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5710"
    },
    {
      "name": "CVE-2006-4338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4338"
    },
    {
      "name": "CVE-2006-4412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4412"
    },
    {
      "name": "CVE-2006-3962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3962"
    },
    {
      "name": "CVE-2006-4406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4406"
    }
  ],
  "initial_release_date": "2006-11-29T00:00:00",
  "last_revision_date": "2006-11-29T00:00:00",
  "links": [
    {
      "title": "Bulletin d\u0027actualit\u00e9 du CERTA CERTA-2006-ACT-046 du 17    novembre 2006 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-ACT-046.pdf"
    },
    {
      "title": "Avis du CERTA CERTA-2006-AVI-448 du 11 octobre 2006 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-448/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 2006-007 du 28 novembre 2006 :",
      "url": "http://docs.info.apple.com/article.html?artnum=304829"
    },
    {
      "title": "Avis du CERTA CERTA-2006-AVI-421 du 03 octobre 2006 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-421/"
    }
  ],
  "reference": "CERTA-2006-AVI-517",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Certaines pourraient, si elles sont\nexploit\u00e9es par une personne malveillante, provoquer l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mises \u00e0 jour Apple 2006-007 du 28 novembre 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-294

Vulnerability from certfr_avis - Published: 2006-07-13 - Updated: 2006-08-02

None

Description

Samba est un logiciel libre utilisé pour la mise en oeuvre des partages réseau à l'aide des protocoles SMB et CIFS sous Unix.

Une vulnérabilité a été identififiée dans le démon smbd de Samba. Il maintient des structures de données en interne pour suivre les connexions actives de partages. Sous certaines conditions, une personne malveillante peut profiter de cette vulnérabilité pour augmenter l'espace mémoire alloué à Samba et provoquer un arrêt du service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions de Samba 3.0.1 à 3.0.22.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Samba du 10 juillet 2006	None	vendor-advisory
Bulletin de sécurité d'Ubuntu USN-314-1 du 12 juillet 2006 :	-	other
Bulletin de sécurité Debian DSA-1110 du 16 juillet 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:120 du 10 juillet 2006 :	-	other
Bulletin de sécurité du projet Samba du 10 juillet 2006 :	-	other
Bulletin de sécurité Suse SUSE-SR:2006:017 du 21 juillet 2006 :	-	other
Bulletin de sécurité FreeBSD du 10 juillet 2006 :	-	other
Bulletin de sécurité Gentoo GLSA-200607-10 du 25 juillet 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0591 du 25 juillet 2006 :	-	other
Bulletin de sécurité SGI 20060703-01-P du 31 juillet 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eLes versions de Samba 3.0.1 \u00e0 3.0.22.\u003c/P\u003e",
  "content": "## Description\n\nSamba est un logiciel libre utilis\u00e9 pour la mise en oeuvre des partages\nr\u00e9seau \u00e0 l\u0027aide des protocoles SMB et CIFS sous Unix.\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identififi\u00e9e dans le d\u00e9mon smbd de Samba. Il\nmaintient des structures de donn\u00e9es en interne pour suivre les\nconnexions actives de partages. Sous certaines conditions, une personne\nmalveillante peut profiter de cette vuln\u00e9rabilit\u00e9 pour augmenter\nl\u0027espace m\u00e9moire allou\u00e9 \u00e0 Samba et provoquer un arr\u00eat du service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
    }
  ],
  "initial_release_date": "2006-07-13T00:00:00",
  "last_revision_date": "2006-08-02T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 d\u0027Ubuntu USN-314-1 du 12 juillet 2006    :",
      "url": "http://www.ubuntu.com/usn/usn-314-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1110 du 16 juillet 2006 :",
      "url": "http://www.us.debian.org/security/2006/dsa-1110/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:120 du 10 juillet    2006 :",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 du projet Samba du 10 juillet 2006 :",
      "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Suse SUSE-SR:2006:017 du 21 juillet    2006 :",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-jul/0007.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD du 10 juillet 2006 :",
      "url": "http://www.vuxml.org/freebsd/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200607-10 du 25 juillet    2006 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200607-10.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0591 du 25 juillet    2006 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0591.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SGI 20060703-01-P du 31 juillet 2006 :",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
    }
  ],
  "reference": "CERTA-2006-AVI-294",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2006-07-13T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 FreeBSD.",
      "revision_date": "2006-07-21T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, RedHat, Suse, Debian et SGI.",
      "revision_date": "2006-08-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans Samba",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Samba du 10 juillet 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-501

Vulnerability from certfr_avis - Published: 2006-11-15 - Updated: 2007-05-29

None

Description

De multiples vulnérabilités ont été découvertes dans le produit VMware ESX Server. Ces vulnérabilités permettent à un utilisateur mal intentionné de provoquer un déni de service à distance et/ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware ESX Server 2.1.3 Upgrade Patch 2 ;
VMware	N/A	VMware ESX Server 2.0.2 Upgrade Patch 2 ;
VMware	N/A	VMware ESX Server 3.0.0 AMD fxsave/restore issue.
VMware	N/A	VMware ESX Server 2.5.4 Upgrade Patch 1 ;

References

Title

Publication Time

Tags

Bulletins de sécurité VMware du 13 Novembre 2006	None	vendor-advisory
Bulletins de sécurité VMware ESX Server :	-	other
Bulletins de sécurité VMware ESX Server :	-	other
Bulletins de sécurité VMware ESX Server :	-	other
Bulletin de sécurité SuSE SUSE-SA:2007:012 :	-	other
Bulletins de sécurité VMware ESX Server :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX Server 2.1.3 Upgrade Patch 2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 2.0.2 Upgrade Patch 2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 3.0.0 AMD fxsave/restore issue.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX Server 2.5.4 Upgrade Patch 1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le produit VMware\nESX Server. Ces vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur mal\nintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et/ou d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1343"
    },
    {
      "name": "CVE-2006-2071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2071"
    },
    {
      "name": "CVE-2006-1342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1342"
    },
    {
      "name": "CVE-2006-3403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3403"
    },
    {
      "name": "CVE-2006-1056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1056"
    },
    {
      "name": "CVE-2005-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2177"
    },
    {
      "name": "CVE-2006-1864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1864"
    },
    {
      "name": "CVE-2006-3467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3467"
    }
  ],
  "initial_release_date": "2006-11-15T00:00:00",
  "last_revision_date": "2007-05-29T00:00:00",
  "links": [
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:012 :",
      "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0008.html"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 VMware ESX Server :",
      "url": "http://kb.vmware.com/kb/2533126"
    }
  ],
  "reference": "CERTA-2006-AVI-501",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-15T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SuSE.",
      "revision_date": "2007-05-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 VMware du 13 Novembre 2006",
      "url": null
    }
  ]
}

GSD-2006-3403

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

Aliases

CVE-2006-3403

Aliases

CVE-2006-3403

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3403",
    "description": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.",
    "id": "GSD-2006-3403",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-3403.html",
      "https://www.debian.org/security/2006/dsa-1110",
      "https://access.redhat.com/errata/RHSA-2006:0591"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3403"
      ],
      "details": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.",
      "id": "GSD-2006-3403",
      "modified": "2023-12-13T01:19:57.606960Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3403",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "USN-314-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-314-1"
          },
          {
            "name": "21187",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21187"
          },
          {
            "name": "ADV-2006-4750",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "name": "SUSE-SR:2006:017",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
          },
          {
            "name": "1016459",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016459"
          },
          {
            "name": "20983",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20983"
          },
          {
            "name": "ADV-2006-2745",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2745"
          },
          {
            "name": "ADV-2006-4502",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4502"
          },
          {
            "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html",
            "refsource": "MISC",
            "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
          },
          {
            "name": "http://www.samba.org/samba/security/CAN-2006-3403.html",
            "refsource": "CONFIRM",
            "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=304829",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "name": "22875",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22875"
          },
          {
            "name": "SSA:2006-195",
            "refsource": "SLACKWARE",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
          },
          {
            "name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
          },
          {
            "name": "21190",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21190"
          },
          {
            "name": "21086",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21086"
          },
          {
            "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
          },
          {
            "name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
          },
          {
            "name": "21262",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21262"
          },
          {
            "name": "20060711 rPSA-2006-0128-1 samba samba-swat",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
          },
          {
            "name": "20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
          },
          {
            "name": "VU#313836",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/313836"
          },
          {
            "name": "23155",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "name": "18927",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18927"
          },
          {
            "name": "samba-smbd-connection-dos(27648)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
          },
          {
            "name": "21019",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21019"
          },
          {
            "name": "20980",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20980"
          },
          {
            "name": "20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
          },
          {
            "name": "RHSA-2006:0591",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
          },
          {
            "name": "APPLE-SA-2006-11-28",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
          },
          {
            "name": "HPSBUX02155",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
          },
          {
            "name": "TA06-333A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
          },
          {
            "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
          },
          {
            "name": "21046",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21046"
          },
          {
            "name": "21159",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21159"
          },
          {
            "name": "SSRT061235",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
          },
          {
            "name": "20060720 Samba Internal Data Structures DOS Vulnerability Exploit",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
          },
          {
            "name": "DSA-1110",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1110"
          },
          {
            "name": "20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
          },
          {
            "name": "GLSA-200607-10",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11355",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
          },
          {
            "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
          },
          {
            "name": "MDKSA-2006:120",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
          },
          {
            "name": "21143",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21143"
          },
          {
            "name": "20060703-01-P",
            "refsource": "SGI",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
          },
          {
            "name": "21018",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21018"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3403"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.samba.org/samba/security/CAN-2006-3403.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
            },
            {
              "name": "18927",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/18927"
            },
            {
              "name": "20980",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/20980"
            },
            {
              "name": "20983",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/20983"
            },
            {
              "name": "DSA-1110",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1110"
            },
            {
              "name": "SSA:2006-195",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
            },
            {
              "name": "USN-314-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-314-1"
            },
            {
              "name": "1016459",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016459"
            },
            {
              "name": "21018",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21018"
            },
            {
              "name": "21019",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21019"
            },
            {
              "name": "21046",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21046"
            },
            {
              "name": "21086",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21086"
            },
            {
              "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
            },
            {
              "name": "VU#313836",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/313836"
            },
            {
              "name": "21143",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21143"
            },
            {
              "name": "GLSA-200607-10",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
            },
            {
              "name": "RHSA-2006:0591",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
            },
            {
              "name": "SUSE-SR:2006:017",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
            },
            {
              "name": "21187",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21187"
            },
            {
              "name": "21190",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21190"
            },
            {
              "name": "21159",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21159"
            },
            {
              "name": "20060703-01-P",
              "refsource": "SGI",
              "tags": [],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
            },
            {
              "name": "21262",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21262"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
            },
            {
              "name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
            },
            {
              "name": "22875",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/22875"
            },
            {
              "name": "APPLE-SA-2006-11-28",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
            },
            {
              "name": "TA06-333A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
            },
            {
              "name": "23155",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/23155"
            },
            {
              "name": "MDKSA-2006:120",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
            },
            {
              "name": "ADV-2006-2745",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2745"
            },
            {
              "name": "ADV-2006-4502",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4502"
            },
            {
              "name": "ADV-2006-4750",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4750"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=304829",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=304829"
            },
            {
              "name": "samba-smbd-connection-dos(27648)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
            },
            {
              "name": "oval:org.mitre.oval:def:11355",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
            },
            {
              "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
            },
            {
              "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
            },
            {
              "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
            },
            {
              "name": "HPSBUX02155",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
            },
            {
              "name": "20060721 Re: Samba Internal Data Structures DOS Vulnerability Exploit",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
            },
            {
              "name": "20060720 Samba Internal Data Structures DOS Vulnerability Exploit",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
            },
            {
              "name": "20060711 rPSA-2006-0128-1 samba samba-swat",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
            },
            {
              "name": "20060710 Re: [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
            },
            {
              "name": "20060710 [ANNOUNCEMENT] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-18T16:47Z",
      "publishedDate": "2006-07-12T19:05Z"
    }
  }
}

FKIE_CVE-2006-3403

Vulnerability from fkie_nvd - Published: 2006-07-12 19:05 - Updated: 2025-04-03 01:03

Severity ?

Summary

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

References

URL	Tags
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=304829
cve@mitre.org	http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
cve@mitre.org	http://secunia.com/advisories/20980	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/20983	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/21018
cve@mitre.org	http://secunia.com/advisories/21019
cve@mitre.org	http://secunia.com/advisories/21046
cve@mitre.org	http://secunia.com/advisories/21086
cve@mitre.org	http://secunia.com/advisories/21143
cve@mitre.org	http://secunia.com/advisories/21159
cve@mitre.org	http://secunia.com/advisories/21187
cve@mitre.org	http://secunia.com/advisories/21190
cve@mitre.org	http://secunia.com/advisories/21262
cve@mitre.org	http://secunia.com/advisories/22875
cve@mitre.org	http://secunia.com/advisories/23155
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200607-10.xml
cve@mitre.org	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html
cve@mitre.org	http://securitytracker.com/id?1016459
cve@mitre.org	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876
cve@mitre.org	http://www.debian.org/security/2006/dsa-1110
cve@mitre.org	http://www.kb.cert.org/vuls/id/313836	US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2006:120
cve@mitre.org	http://www.novell.com/linux/security/advisories/2006_17_sr.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2006-0591.html
cve@mitre.org	http://www.samba.org/samba/security/CAN-2006-3403.html	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/439757/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/439875/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/439880/100/100/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/440767/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/440836/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/448957/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/451404/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/451417/100/200/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/451426/100/200/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18927	Patch
cve@mitre.org	http://www.ubuntu.com/usn/usn-314-1
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	US Government Resource
cve@mitre.org	http://www.vmware.com/download/esx/esx-202-200610-patch.html
cve@mitre.org	http://www.vmware.com/download/esx/esx-213-200610-patch.html
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2745
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4502
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4750
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=304829
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20980	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20983	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21018
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21019
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21046
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21086
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21143
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21159
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21187
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21190
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21262
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22875
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23155
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200607-10.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016459
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.416876
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1110
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/313836	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:120
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006_17_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0591.html
af854a3a-2127-422b-91ae-364da2661108	http://www.samba.org/samba/security/CAN-2006-3403.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/439757/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/439875/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/439880/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440767/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440836/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/448957/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451404/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451417/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/451426/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18927	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-314-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/download/esx/esx-202-200610-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/download/esx/esx-213-200610-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2745
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4502
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4750
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27648
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355

Impacted products

Vendor	Product	Version
samba	samba	3.0.1
samba	samba	3.0.2
samba	samba	3.0.3
samba	samba	3.0.4
samba	samba	3.0.5
samba	samba	3.0.6
samba	samba	3.0.7
samba	samba	3.0.8
samba	samba	3.0.9
samba	samba	3.0.10
samba	samba	3.0.11
samba	samba	3.0.12
samba	samba	3.0.13
samba	samba	3.0.14
samba	samba	3.0.14a
samba	samba	3.0.15
samba	samba	3.0.16
samba	samba	3.0.17
samba	samba	3.0.18
samba	samba	3.0.19
samba	samba	3.0.20a
samba	samba	3.0.20b
samba	samba	3.0.21
samba	samba	3.0.21a
samba	samba	3.0.21b
samba	samba	3.0.21c
samba	samba	3.0.22

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6C8A4-FA17-44EF-A447-C73108540B59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D5EA00-CC2E-4E56-8297-A3C1CEDBBE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "50E05AD3-C7F0-421D-8C9B-604E553332E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A53517C-F12D-4D74-A722-5AE23598CEC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF4A0A7-E176-4009-BAA2-E23B330D91A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EB6115-CC45-4464-8400-D7E3A9402803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B06DAF-869F-481B-965D-70353581A6E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF1A1D4-39DE-4227-A6E0-7E7817BDCCE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F0E277-09BD-4FA8-B2A3-7E83AD1656BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F260B05-3963-49BF-9D96-EB06722C5483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A7E91B-7B13-47E5-B8E6-CE7D6DC490F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1936E19-9887-4E53-AA0C-738ABD4B97EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2206C09-6A4B-4EC4-A206-E48EDF966913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests."
    },
    {
      "lang": "es",
      "value": "El demonio smdb (smbd/service.c) en Samba versiones 3.0.1 hasta la 3.0.22, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un gran n\u00famero de peticiones de conexi\u00f3n compartida."
    }
  ],
  "id": "CVE-2006-3403",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-12T19:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=304829"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20980"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20983"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21046"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21086"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21143"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21159"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21187"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21190"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/21262"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23155"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016459"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1110"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/313836"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18927"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-314-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2745"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4750"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=304829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20980"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200607-10.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1175/exploit.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.416876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/313836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:120"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0591.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.samba.org/samba/security/CAN-2006-3403.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/439757/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/439875/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/439880/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440767/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440836/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/448957/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-314-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11355"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3403 (GCVE-0-2006-3403)

GHSA-4X79-6W4J-GWX6

CERTA-2006-AVI-458

Description

Solution

CERTA-2006-AVI-517

Description

Solution

CERTA-2006-AVI-294

Description

Solution

CERTA-2006-AVI-501

Description

Solution

GSD-2006-3403

FKIE_CVE-2006-3403

Tags

Sightings

Nomenclature