CVE-2012-0817

Published: Jan 30, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.

Affected (3)

Products: Samba: Samba

Samba

1 product

Samba

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Samba Samba	Version 3.6.0
Samba Samba	Version 3.6.1
Samba Samba	Version 3.6.2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html

Source: secalert@redhat.com

http://secunia.com/advisories/47763

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/48879

Source: secalert@redhat.com

http://www.samba.org/samba/history/samba-3.6.3.html

Source: secalert@redhat.com

http://www.samba.org/samba/security/CVE-2012-0817

Source: secalert@redhat.com

PatchVendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html