Signature Detail

Short Name	SMB:EXPLOIT:SMB-MULTI-DOS
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	SMB
Keywords	Samba Multiple Remote Denial of Service Vulnerability
Release Date	2010/06/21
Update Number	1718
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMB: Samba Multiple Remote Denial of Service Vulnerability

This signature detects attempts to exploit a known vulnerability against the SMB protocol. Attackers can craft a malicious SMB packet, which can result in a denial-of-service condition.

Extended Description

Samba is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to crash the application, denying service to legitimate users. Versions prior to Samba 3.4.8 and 3.5.2 are vulnerable.

Affected Products

Gentoo Linux
Mandriva Linux Mandrake 2010.0
Mandriva Linux Mandrake 2010.0 X86 64
Pardus Linux 2009
Samba 3.4.1
Samba 3.4.2
Samba 3.4.5
Samba 3.4.6
Samba 3.4.7
Samba 3.5
Samba 3.5.1

References

BugTraq: 40097
CVE: CVE-2010-0476
CVE: CVE-2010-1642
CVE: CVE-2010-1635
URL: http://www.samba.org
URL: https://bugzilla.samba.org/show_bug.cgi?id=7254
URL: http://samba.org/samba/history/samba-3.4.8.html
URL: http://samba.org/samba/history/samba-3.5.2.html

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SMB: Samba Multiple Remote Denial of Service Vulnerability

Extended Description

Affected Products

References