JVN/CVE Demo: Cveinfos

CVE

Id: 23809
CVE No.: CVE-2007-0452
Status: Candidate
Description: smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Phase: Assigned (20070123)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
231385	23809	CVE-2007-0452	BUGTRAQ:20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d	View
231386	23809	CVE-2007-0452	URL:http://www.securityfocus.com/archive/1/archive/1/459167/100/0/threaded	View
231387	23809	CVE-2007-0452	BUGTRAQ:20070207 rPSA-2007-0026-1 samba samba-swat	View
231388	23809	CVE-2007-0452	URL:http://www.securityfocus.com/archive/1/archive/1/459365/100/0/threaded	View
231389	23809	CVE-2007-0452	CONFIRM:http://us1.samba.org/samba/security/CVE-2007-0452.html	View
231390	23809	CVE-2007-0452	CONFIRM:https://issues.rpath.com/browse/RPL-1005	View
231391	23809	CVE-2007-0452	DEBIAN:DSA-1257	View
231392	23809	CVE-2007-0452	URL:http://www.debian.org/security/2007/dsa-1257	View
231393	23809	CVE-2007-0452	FEDORA:FEDORA-2007-219	View
231394	23809	CVE-2007-0452	URL:http://fedoranews.org/cms/node/2579	View
231395	23809	CVE-2007-0452	FEDORA:FEDORA-2007-220	View
231396	23809	CVE-2007-0452	URL:http://fedoranews.org/cms/node/2580	View
231397	23809	CVE-2007-0452	GENTOO:GLSA-200702-01	View
231398	23809	CVE-2007-0452	URL:http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml	View
231399	23809	CVE-2007-0452	HP:HPSBUX02204	View
231400	23809	CVE-2007-0452	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462	View
231401	23809	CVE-2007-0452	HP:SSRT071341	View
231402	23809	CVE-2007-0452	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462	View
231403	23809	CVE-2007-0452	MANDRIVA:MDKSA-2007:034	View
231404	23809	CVE-2007-0452	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:034	View
231405	23809	CVE-2007-0452	REDHAT:RHSA-2007:0060	View
231406	23809	CVE-2007-0452	URL:http://www.redhat.com/support/errata/RHSA-2007-0060.html	View
231407	23809	CVE-2007-0452	REDHAT:RHSA-2007:0061	View
231408	23809	CVE-2007-0452	URL:http://www.redhat.com/support/errata/RHSA-2007-0061.html	View
231409	23809	CVE-2007-0452	SGI:20070201-01-P	View
231410	23809	CVE-2007-0452	URL:ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc	View
231411	23809	CVE-2007-0452	SLACKWARE:SSA:2007-038-01	View
231412	23809	CVE-2007-0452	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916	View
231413	23809	CVE-2007-0452	SUNALERT:200588	View
231414	23809	CVE-2007-0452	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1	View
231415	23809	CVE-2007-0452	SUSE:SUSE-SA:2007:016	View
231416	23809	CVE-2007-0452	URL:http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html	View
231417	23809	CVE-2007-0452	TRUSTIX:2007-0007	View
231418	23809	CVE-2007-0452	URL:http://www.trustix.org/errata/2007/0007	View
231419	23809	CVE-2007-0452	UBUNTU:USN-419-1	View
231420	23809	CVE-2007-0452	URL:http://www.ubuntu.com/usn/usn-419-1	View
231421	23809	CVE-2007-0452	BID:22395	View
231422	23809	CVE-2007-0452	URL:http://www.securityfocus.com/bid/22395	View
231423	23809	CVE-2007-0452	OVAL:oval:org.mitre.oval:def:9758	View
231424	23809	CVE-2007-0452	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9758	View
231425	23809	CVE-2007-0452	VUPEN:ADV-2007-0483	View
231426	23809	CVE-2007-0452	URL:http://www.vupen.com/english/advisories/2007/0483	View
231427	23809	CVE-2007-0452	VUPEN:ADV-2007-1278	View
231428	23809	CVE-2007-0452	URL:http://www.vupen.com/english/advisories/2007/1278	View
231429	23809	CVE-2007-0452	OSVDB:33100	View
231430	23809	CVE-2007-0452	URL:http://osvdb.org/33100	View
231431	23809	CVE-2007-0452	SECTRACK:1017587	View
231432	23809	CVE-2007-0452	URL:http://securitytracker.com/id?1017587	View
231433	23809	CVE-2007-0452	SECUNIA:24021	View
231434	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24021	View
231435	23809	CVE-2007-0452	SECUNIA:24060	View
231436	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24060	View
231437	23809	CVE-2007-0452	SECUNIA:24030	View
231438	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24030	View
231439	23809	CVE-2007-0452	SECUNIA:24067	View
231440	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24067	View
231441	23809	CVE-2007-0452	SECUNIA:24101	View
231442	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24101	View
231443	23809	CVE-2007-0452	SECUNIA:24046	View
231444	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24046	View
231445	23809	CVE-2007-0452	SECUNIA:24151	View
231446	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24151	View
231447	23809	CVE-2007-0452	SECUNIA:24145	View
231448	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24145	View
231449	23809	CVE-2007-0452	SECUNIA:24076	View
231450	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24076	View
231451	23809	CVE-2007-0452	SECUNIA:24140	View
231452	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24140	View
231453	23809	CVE-2007-0452	SECUNIA:24188	View
231454	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24188	View
231455	23809	CVE-2007-0452	SECUNIA:24792	View
231456	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24792	View
231457	23809	CVE-2007-0452	SECUNIA:24284	View
231458	23809	CVE-2007-0452	URL:http://secunia.com/advisories/24284	View
231459	23809	CVE-2007-0452	SREASON:2219	View
231460	23809	CVE-2007-0452	URL:http://securityreason.com/securityalert/2219	View
231461	23809	CVE-2007-0452	XF:samba-smbd-filerename-dos(32301)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
51460	JVNDB-2007-000122	Samba VFS モジュールの afsacl.so ライブラリにおけるフォーマットストリングの脆弱性	Samba の VFS モジュールに含まれる afsacl.so ライブラリには、Windows ACL のマッピングの間に AFS 共有ファイルシステム上のファイル名を適切に処理しないため、フォーマットストリングの脆弱性が存在します。	CVE-2007-0454	23809	7.5		http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000122.html	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.36 MB
View render complete	2.89 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.29
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	621.22
Event: Controller.beforeRender	4.95
» Processing toolbar data	4.85
Rendering View	22.67
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	21.44
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.77
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.10
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/23809
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/23809
Remote Port	36290
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.218.146.21
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	18.218.146.21
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.218.146.21
Unique Id	aBdmpKnbMK96JUTa7iGGSAAAAfE
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	18.218.146.21
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.218.146.21
Redirect Unique Id	aBdmpKnbMK96JUTa7iGGSAAAAfE
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	18.218.146.21
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.218.146.21
Redirect Redirect Unique Id	aBdmpKnbMK96JUTa7iGGSAAAAfE
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746364068.8571
Request Time	1746364068

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files