{"vuid":"VU#313836","idnumber":"313836","name":"Samba fails to properly handle multiple share connection requests","keywords":["Samba","DoS","denial of service","smbd","share connection requests","apple-2006-007"],"overview":"There is a vulnerability in the smbd process that may allow an attacker to create a denial-of-service condition.","clean_desc":"Samba\nSamba is an open-source implementation of SMB/CIFS file and print services. It is frequently included in UNIX and Linux distributions and is typically used to provide file and print services to Windows clients. smbd\nThe smbd daemon is used to track connections to SMB network shares and printers. The Problem\nBy sending a large number of share requests, an attacker can exhaust the system resources available to the smbd process.","impact":"An attacker may be able to cause a denial-of-service condition by exhausting the system resources used by the smbd daemon.","resolution":"Upgrade\nSee the vendor of your operating system for patched smbd packages. Users who compile Samba from source should refer to the Samba web page to obtain a patched version of the software.","workarounds":"Workarounds Restrict access\nBlocking the SMB protocol at the network perimeter will reduce exposure to this vulnerability. Servers using the SMB protocol typically use ports 139/tcp and 445/tcp. Disable unnecessary daemons\nDo not enable the smbd daemon on systems that do not need to use the SMB protocol. 
Some operating systems have the smbd daemon started by default.","sysaffected":"","thanks":"Thanks to the \nSamba\n team for reporting this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://us1.samba.org/samba/security/CAN-2006-3403.html","http://secunia.com/advisories/20980/","http://secunia.com/advisories/21018/","http://secunia.com/advisories/20983/","http://secunia.com/advisories/21019/","http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:120","http://www.ubuntu.com/usn/usn-314-1","http://www.securityfocus.com/bid/18927","http://www.mandriva.com/security/advisories?name=MDKSA-2006:120","https://issues.rpath.com/browse/RPL-496","http://www.ubuntuforums.org/showthread.php?t=214283","http://security.gentoo.org/glsa/glsa-200607-10.xml"],"cveids":["CVE-2006-3403"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-07-13T17:47:11Z","publicdate":"2006-07-10T00:00:00Z","datefirstpublished":"2006-07-18T15:11:16Z","dateupdated":"2006-07-26T12:02:26Z","revision":70,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"10","cam_exploitation":"1","cam_internetinfrastructure":"3","cam_population":"2","cam_impact":"3","cam_easeofexploitation":"10","cam_attackeraccessrequired":"15","cam_scorecurrent":"0.23625","cam_scorecurrentwidelyknown":"0.405","cam_scorecurrentwidelyknownexploited":"0.725625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.23625,"vulnote":null}