Vulnerability Details : CVE-2004-2546
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
Vulnerability category: Denial of service
Products affected by CVE-2004-2546
- cpe:2.3:a:samba:samba:1.9.17:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.17:p1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.17:p3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.17:p5:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p6:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p8:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.0.5a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p10:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p2:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p3:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p4:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.17:p4:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p5:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:1.9.18:p7:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-2546
0.69%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 70 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-2546
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
10.0
|
4.9
|
NIST |
Vendor statements for CVE-2004-2546
-
Red Hat 2006-08-30Not vulnerable. This issue did not affect the versions of Samba as distributed with Red Hat Enterprise Linux 3, or 4. Red Hat Enterprise Linux 2.1 shipped with a version of Samba prior to 3.0.6, but we verified by code audit that it is not affected by this issue.
References for CVE-2004-2546
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/17139
-
http://www.samba.org/samba/history/samba-3.0.6.html
Samba - Release Notes Archive
-
http://www.trustix.org/errata/2004/0043
Trustix | Empowering Trust and Security in the Digital Age
Jump to