Samba told us on Nov07 that Samba <3.0.8 is vulnerable to a remote DoS. Public on Nov08 1500 UTC "A bug in the input validation routines used to match filename strings containing wildcard characters may allow a user to consume more than normal amounts of CPU cycles thus impacting the performance and response of the server." CAN-2004-0930 Affects: RHEL3 Embargoed (but only for a few hours).
Created attachment 106271 [details] Proposed patch from Samba
I'll set this as impact "moderate" as it requires an authenticated samba user to cause the DoS.
This issue does appear to affect RHEL2.1 after all.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-632.html