Vulnerabilities > CVE-2004-2546

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

samba

trustix

nessus

NVD

Published: 2004-12-31

Updated: 2018-10-30

Summary

Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).

Vulnerable Configurations

Part	Description	Count
Application	Samba Samba Samba 2.2.1A Samba Samba 3.0.3 Samba Samba 2.2.12 Samba Samba 2.2.3A Samba Samba 1.9.18 Samba Samba 3.0.2A Samba Samba 3.0.5 Samba Samba 1.9.17 Samba Samba 2.2.8A Samba Samba 3.0.4 Samba Samba 2.2.9 Samba Samba 3.0.0 Samba Samba 2.2.11 Samba Samba 2.2.1 Samba Samba 2.2.7A Samba Samba 2.0 Samba Samba 2.2A Samba Samba 3.0.2 Samba Samba 2.0.5A Samba Samba 2.2.10 Samba Samba 2.0.0 Samba Samba 3.0.1	35
OS	Trustix Trustix Secure Linux 2.0 Trustix Secure Linux 2.1	2

Nessus

NASL family	Misc.
NASL id	SAMBA_3_0_6.NASL
description	According to its banner, the version of Samba running on the remote host is earlier than 3.0.6. Such versions contain multiple memory leaks that can allow remote, unauthorized information disclosure and a remote denial of service attack. Note that Nessus has not actually tried to exploit this issue or determine if the issue has been fixed by a backported patch.
last seen	2020-06-01
modified	2020-06-02
plugin id	17721
published	2011-11-18
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17721
title	Samba < 3.0.6 Unspecified Remote Memory Leak Information Disclosure
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(17721); script_version("1.5"); script_cvs_date("Date: 2018/11/15 20:50:23"); script_cve_id("CVE-2004-2546"); script_name(english:"Samba < 3.0.6 Unspecified Remote Memory Leak Information Disclosure"); script_summary(english:"Checks the version of Samba"); script_set_attribute(attribute:"synopsis", value: "The remote host is running a service that contains multiple memory leaks."); script_set_attribute(attribute:"description", value: "According to its banner, the version of Samba running on the remote host is earlier than 3.0.6. Such versions contain multiple memory leaks that can allow remote, unauthorized information disclosure and a remote denial of service attack. Note that Nessus has not actually tried to exploit this issue or determine if the issue has been fixed by a backported patch."); script_set_attribute(attribute:"see_also", value:"http://web.archive.org/web/20070831124508/http://xforce.iss.net:80/xforce/xfdb/17139"); script_set_attribute(attribute:"see_also", value:"https://www.samba.org/samba/history/samba-3.0.6.html"); script_set_attribute(attribute:"solution", value:"Upgrade to Samba 3.0.6 or higher."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_attribute(attribute:"vuln_publication_date", value:"2004/08/26"); script_set_attribute(attribute:"patch_publication_date", value:"2004/08/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/18"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:samba:samba"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("smb_nativelanman.nasl"); script_require_keys("SMB/NativeLanManager", "SMB/samba", "Settings/ParanoidReport"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); if (report_paranoia < 2) audit(AUDIT_PARANOID); port = get_kb_item_or_exit("SMB/transport"); lanman = get_kb_item_or_exit("SMB/NativeLanManager"); if ("Samba " >!< lanman) exit(0, "The SMB service listening on port "+port+" is not running Samba."); version = lanman - 'Samba '; ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if ( ver[0] < 3 \|\| (ver[0] == 3 && ver[1] == 0 && ver[2] < 6) ) { if (report_verbosity > 0) { report = '\n Installed version : ' + version + '\n Fixed version : 3.0.6\n'; security_warning(port:port, extra:report); } else security_warning(port); } else exit(0, "The Samba "+version+" install listening on port "+port+" is not affected.");

Statements

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	Not vulnerable. This issue did not affect the versions of Samba as distributed with Red Hat Enterprise Linux 3, or 4. Red Hat Enterprise Linux 2.1 shipped with a version of Samba prior to 3.0.6, but we verified by code audit that it is not affected by this issue.

Vulnerabilities > CVE-2004-2546 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-2546"}]}

Summary

Vulnerable Configurations

Nessus

Statements

References

Vulnerabilities > CVE-2004-2546