Samba Deferred CIFS File Open Denial of Service Vulnerability

Bugtraq ID:	22395
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-0452
Remote:	No
Local:	Yes
Published:	Feb 05 2007 12:00AM
Updated:	Mar 19 2015 09:32AM
Credit:	This issue was disclosed by the vendor.
Vulnerable:	Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 10.0.0 x64 Turbolinux Turbolinux FUJI Turbolinux FUJI 0 Turbolinux Appliance Server 2.0 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Operating System Enterprise Server 2.0 SuSE SUSE Linux Enterprise Server 9 SuSE SUSE Linux Enterprise Server 10 SuSE SUSE Linux Enterprise Desktop 10 Sun Solaris 9_x86 Sun Solaris 9_sparc Sun Solaris 10_x86 Slackware Linux 10.2 Slackware Linux 10.1 Slackware Linux 10.0 Slackware Linux 11.0 SGI ProPack 3.0 SP6 Samba Samba 3.0.6 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 + Mandriva Linux Mandrake 10.0 + Turbolinux Appliance Server 1.0 Workgroup Edition + Turbolinux Appliance Server 1.0 Workgroup Edition + Turbolinux Appliance Server 1.0 Hosting Edition + Turbolinux Appliance Server 1.0 Hosting Edition + Turbolinux Appliance Server Hosting Edition 1.0 + Turbolinux Appliance Server Hosting Edition 1.0 + Turbolinux Appliance Server Workgroup Edition 1.0 + Turbolinux Appliance Server Workgroup Edition 1.0 + Turbolinux Home + Turbolinux Home + Turbolinux Turbolinux Desktop 10.0 + Turbolinux Turbolinux Desktop 10.0 + Turbolinux Turbolinux Server 10.0 + Turbolinux Turbolinux Server 10.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Workstation 8.0 Samba Samba 3.0.5 Samba Samba 3.0.4 -r1 Samba Samba 3.0.4 + OpenPKG OpenPKG 2.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + Slackware Linux 10.0 Samba Samba 3.0.3 Samba Samba 3.0.23d + Mandriva Linux Mandrake 2007.0 x86_64 + Mandriva Linux Mandrake 2007.0 Samba Samba 3.0.23c + Slackware Linux 11.0 Samba Samba 3.0.23b Samba Samba 3.0.23a + MandrakeSoft Corporate Server 4.0 x86_64 + MandrakeSoft Corporate Server 4.0 S.u.S.E. openSUSE 10.2 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x86-64 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc rPath rPath Linux 1 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Desktop 4.0 RedHat Desktop 3.0 Red Hat Fedora Core6 Red Hat Fedora Core5 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux AS 3 Red Hat Enterprise Linux 5 Server Pardus Linux 2007.1 Mandriva Linux Mandrake 2006.0 x86_64 Mandriva Linux Mandrake 2006.0 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 HP HP-UX B.11.31 HP HP-UX B.11.23 HP HP-UX B.11.11 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Avaya Messaging Storage Server
Not Vulnerable:	Samba Samba 3.0.24 + Mandriva Linux Mandrake 2007.1 x86_64 + Mandriva Linux Mandrake 2007.1 + Mandriva Linux Mandrake 2007.1 + Ubuntu Ubuntu Linux 7.04 sparc + Ubuntu Ubuntu Linux 7.04 powerpc + Ubuntu Ubuntu Linux 7.04 i386 + Ubuntu Ubuntu Linux 7.04 amd64

Samba Deferred CIFS File Open Denial of Service Vulnerability

The smbd daemon is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to consume excessive memory resources, ultimately crashing the affected application.

This issue affects Samba 3.0.6 through 3.0.23d, inclusive.

Samba Deferred CIFS File Open Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Samba Deferred CIFS File Open Denial of Service Vulnerability

Solution:
The vendor has released a patch to address this issue. Please see the referenced advisories for more information.


Samba Samba 3.0.23a

• Mandriva lib64smbclient0-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva lib64smbclient0-devel-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva lib64smbclient0-static-devel-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libsmbclient0-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libsmbclient0-devel-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libsmbclient0-static-devel-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva mount-cifs-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva mount-cifs-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva nss_wins-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva nss_wins-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-3.0.23a-2.1.20060mlcs4.src.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-client-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-client-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-common-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-common-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-doc-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-doc-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-server-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-server-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-smbldap-tools-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-smbldap-tools-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-swat-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-swat-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-test-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-test-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-clamav-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-clamav-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-icap-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-icap-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-winbind-3.0.23a-2.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva samba-winbind-3.0.23a-2.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download

Samba Samba 3.0.23c

• RedHat Fedora samba-3.0.24-1.fc6.i386.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-3.0.24-1.fc6.ppc.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-3.0.24-1.fc6.x86_64.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-client-3.0.24-1.fc6.i386.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-client-3.0.24-1.fc6.ppc.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-client-3.0.24-1.fc6.x86_64.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-common-3.0.24-1.fc6.i386.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-common-3.0.24-1.fc6.ppc.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-common-3.0.24-1.fc6.x86_64.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-debuginfo-3.0.24-1.fc6.i386.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-debuginfo-3.0.24-1.fc6.ppc.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-debuginfo-3.0.24-1.fc6.x86_64.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-swat-3.0.24-1.fc6.i386.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-swat-3.0.24-1.fc6.ppc.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• RedHat Fedora samba-swat-3.0.24-1.fc6.x86_64.rpm
  Fedora Core 6
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


• Slackware samba-3.0.24-i486-1_slack11.0.tgz
  Slackware 11.0
  ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ samba-3.0.24-i486-1_slack11.0.tgz


• Slackware samba-3.0.24-i486-1_slack11.0.tgz
  Slackware 11.0:
  ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ samba-3.0.24-i486-1_slack11.0.tgz

Samba Samba 3.0.23b

• Mandriva libsmbclient0-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva libsmbclient0-devel-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva libsmbclient0-static-devel-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva mount-cifs-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva nss_wins-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-3.0.23d-2.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-client-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-common-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-doc-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-server-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-smbldap-tools-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-swat-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-clamav-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-icap-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-winbind-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download

Sun Solaris 10_x86

• Sun 119758-05
  http://sunsolve.sun.com/patches/

HP HP-UX B.11.23

• HP A.02.03.01
  http://www.hp.com/go/softwaredepot/

HP HP-UX B.11.11

• HP A.02.03.01
  http://www.hp.com/go/softwaredepot/

Sun Solaris 9_x86

• Sun 114685-08
  http://sunsolve.sun.com/patches/

Samba Samba 3.0.23d

• Mandriva libsmbclient0-static-devel-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva mount-cifs-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva nss_wins-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-3.0.23d-2.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-client-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-common-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-doc-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-server-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-smbldap-tools-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-vscan-icap-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva samba-winbind-3.0.23d-2.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch


• SuSE samba-3.0.23d-19.2.i586.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-3.0.23d-19.2.i5 86.rpm


• SuSE samba-3.0.23d-19.2.ppc.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-3.0.23d-19.2.ppc .rpm


• SuSE samba-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-3.0.23d-19.2. x86_64.rpm


• SuSE samba-32bit-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-32bit-3.0.23d -19.2.x86_64.rpm


• SuSE samba-client-3.0.23d-19.2.i586.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-client-3.0.23d- 19.2.i586.rpm


• SuSE samba-client-3.0.23d-19.2.ppc.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-client-3.0.23d-1 9.2.ppc.rpm


• SuSE samba-client-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-client-3.0.23 d-19.2.x86_64.rpm


• SuSE samba-client-32bit-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-client-32bit- 3.0.23d-19.2.x86_64.rpm


• SuSE samba-winbind-3.0.23d-19.2.i586.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-winbind-3.0.23d -19.2.i586.rpm


• SuSE samba-winbind-3.0.23d-19.2.ppc.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-winbind-3.0.23d- 19.2.ppc.rpm


• SuSE samba-winbind-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-winbind-3.0.2 3d-19.2.x86_64.rpm


• SuSE samba-winbind-32bit-3.0.23d-19.2.x86_64.rpm
  openSUSE 10.2:
  ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-winbind-32bit -3.0.23d-19.2.x86_64.rpm

HP HP-UX B.11.31

• HP A.02.03.01
  http://www.hp.com/go/softwaredepot/

Samba Samba 3.0.3

• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch

Samba Samba 3.0.4 -r1

• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch

Samba Samba 3.0.4

• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch


• Slackware samba-3.0.24-i486-1_slack10.0.tgz
  Slackware 10.0
  ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ samba-3.0.24-i486-1_slack10.0.tgz


• Slackware samba-3.0.24-i486-1_slack10.0.tgz
  Slackware 10.0:
  ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ samba-3.0.24-i486-1_slack10.0.tgz

Samba Samba 3.0.5

• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch

Samba Samba 3.0.6

• Samba samba-3.0.23d-CVE-2007-0452.patch
  http://samba.org/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-045 2.patch

Samba Deferred CIFS File Open Denial of Service Vulnerability

References:

• Samba Homepage (Samba)
  
• [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0. ('Gerald (Jerry) Carter' )
  
• [SECURITY] [DSA 1257-1] New samba packages fix several vulnerabilities (Moritz Muehlenhoff )
  
• ASA-2007-110 - samba security update (Avaya)
  
• RHSA-2007:0060-3 - samba security update (Red Hat)
  
• RHSA-2007:0061-2 samba security update (Red Hat)
  
• Sun Alert ID: 102964 Multiple Security Vulnerabilities in samba(7) May Allow Rem (Sun)