CVE-2004-0930

Description

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

How to fix CVE-2004-0930

To remediate CVE-2004-0930, upgrade the affected package to a fixed version below.

• Debian/samba—upgrade to 3.0.8-1 or later

Is CVE-2004-0930 being exploited?

Moderate — EPSS is 6.1%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 3.0.8-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2004-0930