SAMBA:CVE-2015-7540 (Samba Security)
Dec 16, 2015

Remote DoS in Samba (AD) LDAP server.

Samba Security
www.samba.org

CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS2: 5 Medium

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS: 0.133 Low
Percentile: 95.5%

Description

All versions of Samba from 4.0.0 to 4.1.21 inclusive are vulnerable to
an anonymous memory exhaustion attack in the samba daemon LDAP server.

A malicious client can send packets that cause the LDAP server provided
by the AD DC in the samba daemon process to consume unlimited memory
and be terminated.

Patch Availability

Patches addressing this defect have been posted to

https://www.samba.org/samba/history/security.html

Additionally, Samba 4.1.22 has been issued as
a security release to correct the defect.
Samba vendors and administrators running affected versions are
advised to upgrade or apply the patch as soon as possible.

Workaround

None.

Credits

This problem was found by the Codenomicon Defensics product
http://www.codenomicon.com, now part of Synopsys. Jeremy Allison of
Google and the Samba Team provided the fix into Samba master in Sep
2014. It was found to address this issue by Ralph Böhme of SerNet and
the Samba Team.
