Search for vulnerabilities
Vulnerability details: VCID-zt4d-nbzu-aaaj
Vulnerability ID VCID-zt4d-nbzu-aaaj
Aliases CVE-2004-0930
Summary The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2004:632
epss 0.03936 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.03936 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.03936 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.05183 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06058 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06447 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06447 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.06447 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
epss 0.07023 https://api.first.org/data/v1/epss?cve=CVE-2004-0930
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1617324
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2004-0930
Reference id Reference type URL
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
http://marc.info/?l=bugtraq&m=109993720717957&w=2
http://marc.info/?l=bugtraq&m=110330519803655&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0930.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0930
https://exchange.xforce.ibmcloud.com/vulnerabilities/17987
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1
https://www.ubuntu.com/usn/usn-22-1/
http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
http://www.idefense.com/application/poi/display?id=156&type=vulnerabilities&flashstatus=false
http://www.mandriva.com/security/advisories?name=MDKSA-2004:131
http://www.novell.com/linux/security/advisories/2004_40_samba.html
http://www.securityfocus.com/bid/11624
1617324 https://bugzilla.redhat.com/show_bug.cgi?id=1617324
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.1:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.1:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.2:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.2:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.3:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.3:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.4:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.4:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.5:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.5:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.6:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.6:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0.7:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0.7:*:irix:*:*:*:*:*
cpe:2.3:a:sgi:samba:3.0:*:irix:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sgi:samba:3.0:*:irix:*:*:*:*:*
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
CVE-2004-0930 https://nvd.nist.gov/vuln/detail/CVE-2004-0930
RHSA-2004:632 https://access.redhat.com/errata/RHSA-2004:632
USN-22-1 https://usn.ubuntu.com/22-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0930
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.91901
EPSS Score 0.03936
Published At Dec. 27, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.