Vulnerabilities > CVE-2004-0829 - Unspecified vulnerability in Samba

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

samba

nessus

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.

Vulnerable Configurations

Part	Description	Count
Application	Samba Samba Samba 1.9.17 Samba Samba 1.9.18 Samba Samba 2.0.0 Samba Samba 2.0.1 Samba Samba 2.0.2 Samba Samba 2.0.3 Samba Samba 2.0.4 Samba Samba 2.0.5 Samba Samba 2.0.5A Samba Samba 2.0.6 Samba Samba 2.0.7 Samba Samba 2.2.0 Samba Samba 2.2.1 Samba Samba 2.2.2 Samba Samba 2.2.3 Samba Samba 2.2.3A Samba Samba 2.2.4 Samba Samba 2.2.5 Samba Samba 2.2.6 Samba Samba 2.2.7 Samba Samba 2.2.7A Samba Samba 2.2.8 Samba Samba 2.2.8A Samba Samba 2.2.9 Samba Samba 2.2.10	39

Nessus

NASL family	Denial of Service
NASL id	SAMBA_FINDNEXTPRINTCHANGENOTIFY_DOS.NASL
description	The remote Samba server, according to its version number, is vulnerable to a denial of service. An attacker may be able to crash the remote samba server by sending a FindNextPrintChangeNotify() request without previously issuing a FindFirstPrintChangeNoticy() call. It is reported that Windows XP SP2 generates such requests.
last seen	2020-06-01
modified	2020-06-02
plugin id	14381
published	2004-08-26
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14381
title	Samba smbd FindNextPrintChangeNotify() Request Remote DoS

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200409-14.NASL
description	The remote host is affected by the vulnerability described in GLSA-200409-14 (Samba: Remote printing vulnerability) Due to a bug in the printer_notify_info() function, authorized users could potentially crash the Samba server by sending improperly handled print change notification requests in an invalid order. Windows XP SP2 clients can trigger this behavior by sending a FindNextPrintChangeNotify() request before previously sending a FindFirstPrintChangeNotify() request. Impact A remote authorized user could potentially crash a Samba server after issuing these out of sequence requests. Workaround There is no known workaround at this time.
last seen	2016-09-26
modified	2011-05-28
plugin id	14695
published	2004-09-09
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=14695
title	[GLSA-200409-14] Samba: Remote printing vulnerability

Statements

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	We do not class this as a security issue; this can only cause a denial of service for the attacker.

Summary

Vulnerable Configurations

Nessus

Statements

References