Denial of service in Samba Active Directory server.

2015-12-16T00:00:00
ID SAMBA:CVE-2015-3223
Type samba
Reporter Samba
Modified 2015-12-16T00:00:00

Description

All versions of Samba from 4.0.0 to 4.3.2 inclusive (and, correspondingly, all ldb versions up to 1.1.23 inclusive) are vulnerable to a denial of service attack in the samba daemon LDAP server. A malicious client can send packets that cause the LDAP server in the samba daemon process to become unresponsive, preventing the server from servicing any other requests. This flaw is not exploitable beyond causing the code to loop, expending CPU resources.
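An added example, not part of the Samba advisory: a triage helper that checks collected version strings against the affected ranges stated above. The inventory format, hostnames and sample strings are constructed, and the lower bound for ldb is an assumption because the advisory gives none.

```python
import re

# Affected ranges as stated in the advisory (both bounds inclusive).
# Assumption: the advisory names no lower bound for ldb, so (0, 0, 0) is used.
AFFECTED = {
    "samba": ((4, 0, 0), (4, 3, 2)),
    "ldb": ((0, 0, 0), (1, 1, 23)),
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Extract the first X.Y.Z triple, ignoring prefixes and vendor suffixes."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no X.Y.Z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def in_affected_range(component, version_text):
    """True if the upstream version falls inside the advisory's range."""
    low, high = AFFECTED[component]
    return low <= parse_version(version_text) <= high


def triage(inventory):
    """Map each (host, component, version_text) row to a status string."""
    report = {}
    for host, component, version_text in inventory:
        try:
            hit = in_affected_range(component, version_text)
            status = "in-range" if hit else "out-of-range"
        except (KeyError, ValueError):
            status = "unknown"  # unparseable string or untracked component
        report[(host, component)] = status
    return report


# Constructed inventory rows; hostnames and version strings are made up.
SAMPLE_INVENTORY = [
    ("dc1", "samba", "Version 4.3.2"),
    ("dc2", "samba", "Version 4.3.3"),
    ("dc3", "samba", "Version 4.1.17-Debian"),
    ("dc1", "ldb", "1.1.23"),
    ("dc2", "ldb", "1.1.24"),
    ("dc4", "samba", "not installed"),
]
```

An "in-range" result is a lead for follow-up rather than proof of exposure, since distribution packages can carry backported fixes under an unchanged upstream version number.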