CVE-2007-0452
Last modified
CVE-2007-0452 is a vulnerability of currently unknown severity. smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.. EPSS estimates a 4.59% chance of exploitation in the next 30 days.
Description
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Samba | Samba | 3.0.6 |
| Samba | Samba | 3.0.7 |
| Samba | Samba | 3.0.8 |
| Samba | Samba | 3.0.9 |
| Samba | Samba | 3.0.10 |
| Samba | Samba | 3.0.11 |
| Samba | Samba | 3.0.12 |
| Samba | Samba | 3.0.13 |
| Samba | Samba | 3.0.14a |
| Samba | Samba | 3.0.20 |
| Samba | Samba | 3.0.20a |
| Samba | Samba | 3.0.20b |
| Samba | Samba | 3.0.21 |
| Samba | Samba | 3.0.21a |
| Samba | Samba | 3.0.21b |
| Samba | Samba | 3.0.21c |
| Samba | Samba | 3.0.22 |
| Samba | Samba | 3.0.23 |
| Samba | Samba | 3.0.23a |
| Samba | Samba | 3.0.23b |
| Samba | Samba | 3.0.23c |
| Samba | Samba | 3.0.23d |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-0452?
How severe is CVE-2007-0452?
How do I fix CVE-2007-0452?
Are you affected by CVE-2007-0452?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST