{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-01-29T00:00:00", "descriptions": [{"lang": "en", "value": "Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "47763", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47763"}, {"name": "SUSE-SU-2012:0515", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html"}, {"name": "SUSE-SU-2012:0502", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.samba.org/samba/history/samba-3.6.3.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.samba.org/samba/security/CVE-2012-0817"}, {"name": "FEDORA-2012-1098", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html"}, {"name": "48879", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48879"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:38:14.846Z"}, "title": "CVE Program Container", "references": [{"name": "47763", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47763"}, {"name": "SUSE-SU-2012:0515", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html"}, {"name": "SUSE-SU-2012:0502", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.samba.org/samba/history/samba-3.6.3.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.samba.org/samba/security/CVE-2012-0817"}, {"name": "FEDORA-2012-1098", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html"}, {"name": "48879", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48879"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-0817", "datePublished": "2012-01-30T17:00:00", "dateReserved": "2012-01-19T00:00:00", "dateUpdated": "2024-08-06T18:38:14.846Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samba:samba:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "66999F57-FF99-419F-BB12-35DC79FCE945", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5BD1356E-3B43-4C5B-9969-902440918EE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:samba:samba:3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A7F3209-B376-490B-A761-2CCB6CEE209A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests."}, {"lang": "es", "value": "Fallo de memoria en smbd en Samba v3.6.x anterior a 3.6.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU)realizando numerosas peticiones de conexi\u00f3n."}], "id": "CVE-2012-0817", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-01-30T17:55:01.297", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47763"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48879"}, {"source": "secalert@redhat.com", "url": "http://www.samba.org/samba/history/samba-3.6.3.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.samba.org/samba/security/CVE-2012-0817"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-February/072930.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00014.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47763"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48879"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.samba.org/samba/history/samba-3.6.3.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.samba.org/samba/security/CVE-2012-0817"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "samba: DoS (smbd crash) due memory leak in management of fds for socket connections", "id": "785746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=785746"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "status": "draft"}, "cwe": "CWE-401", "details": ["Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests."], "name": "CVE-2012-0817", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "samba3x", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "samba", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "samba4", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2012-01-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-0817\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-0817"], "statement": "Not vulnerable. This issue did not affect the versions of samba as shipped with Red Hat Enterprise Linux 4, 5, and 6. This issue did not affect the version of samba3x as shipped with Red Hat Enterprise Linux 5. This issue did not affect the version of samba4 as shipped with Red Hat Enterprise Linux 6.", "threat_severity": "Moderate"}