SAMBA:CVE-2018-16852

NULL pointer de-reference in Samba AD DC DNS servers

2018-11-27 00:00:00
Samba Security
www.samba.org

CVSS2

Score: 3.5
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

CVSS3

Score: 6.5
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Score: 0.007
Percentile: 80.6%

Description

During the processing of a DNS zone in the DNS management DCE/RPC
server, the internal DNS server or the Samba DLZ plugin for BIND9,
if the DSPROPERTY_ZONE_MASTER_SERVERS property or
DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will
follow a NULL pointer and terminate.

There is no further vulnerability associated with this issue, merely a
denial of service.

Patch Availability

Patches addressing both these issues have been posted to:

http://www.samba.org/samba/security/

Additionally, Samba 4.9.3 has been issued as a security release
to correct the defect. Samba administrators are advised to
upgrade to this release or apply the patch as soon as possible.

CVSSv3 calculation

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (4.9)

Workaround and mitigation

None. Only users with write access to dnsZone objects can trigger
this issue.

Credits

Originally reported by Fabrizio Faganello.

Patches provided by Gary Lockyer of the Samba Team and Catalyst.

== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
