K15439 : Samba vulnerability CVE-2014-0244

2014-07-2300:00:00

my.f5.com

8.8 High

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.089 Low

EPSS

Percentile

94.0%

JSON

Security Advisory Description

The sys_recvfrom function in nmbd in Samba (3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9) allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. (CVE-2014-0244)
Impact
None. No F5 products are affected by this vulnerability.

CPENameOperatorVersion
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip analyticseq11.0.0
big-ip analyticseq11.1.0
big-ip analyticseq11.2.0
big-ip analyticseq11.2.1
big-ip analyticseq11.3.0

Name	Operator	Version
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip analytics	eq	11.0.0
big-ip analytics	eq	11.1.0
big-ip analytics	eq	11.2.0
big-ip analytics	eq	11.2.1
big-ip analytics	eq	11.3.0