Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-3223
HistoryDec 16, 2015 - 12:00 a.m.

CVE-2015-3223

2015-12-1600:00:00
ubuntu.com
ubuntu.com
8

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.388 Low

EPSS

Percentile

97.2%

JSON

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as
used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7,
and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote
attackers to cause a denial of service (infinite loop) via crafted packets.

Bugs

Notes

Author Note
mdeslaur says 4.0.0 to 4.3.2, need to check precise may require ldb update
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchldb< 1:1.1.4-1ubuntu0.1UNKNOWN
ubuntu14.04noarchldb< 1:1.1.16-1ubuntu0.1UNKNOWN
ubuntu15.04noarchldb< 1:1.1.18-1ubuntu0.1UNKNOWN
ubuntu15.10noarchldb< 2:1.1.20-2ubuntu0.1UNKNOWN
ubuntu16.04noarchldb< 2:1.1.24-1ubuntu1UNKNOWN
ubuntu16.10noarchldb< 2:1.1.24-1ubuntu1UNKNOWN
ubuntu17.04noarchldb< 2:1.1.24-1ubuntu1UNKNOWN
ubuntu14.04noarchsamba< 2:4.1.6+dfsg-1ubuntu2.14.04.11UNKNOWN
ubuntu15.04noarchsamba< 2:4.1.13+dfsg-4ubuntu3.1UNKNOWN
ubuntu15.10noarchsamba< 2:4.1.17+dfsg-4ubuntu3.1UNKNOWN
Rows per page:
1-10 of 131

Related

checkpoint_advisories 1
cve 1
f5 2
prion 1
samba 1
veracode 1
debiancve 1
redhat 2
nessus 23
openvas 21
amazon 1
centos 1
oraclelinux 3
ubuntu 3
fedora 2
mageia 1
altlinux 4
suse 5
ibm 1
osv 1
debian 2
freebsd 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Samba LDAP Server libldb Infinite Loop Denial of Service (CVE-2015-3223)
2016-04-11 00:00:00
cve
cve
CVE-2015-3223
2015-12-29 22:59:00
f5
f5
K09417637 : Samba vulnerability CVE-2015-3223
2016-10-21 00:00:00
SOL09417637 - Samba vulnerability CVE-2015-3223
2016-10-21 00:00:00
prion
prion
Code injection
2015-12-29 22:59:00
samba
samba
Denial of service in Samba Active Directory
2015-12-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:09:29
debiancve
debiancve
CVE-2015-3223
2015-12-29 22:59:00
redhat
redhat
(RHSA-2016:0009) Moderate: libldb security update
2016-01-07 00:00:00
(RHSA-2016:0014) Moderate: libldb security update
2016-01-08 09:04:39
nessus
nessus
Oracle Linux 6 / 7 : libldb (ELSA-2016-0009)
2016-01-08 00:00:00
CentOS 6 / 7 : libldb (CESA-2016:0009)
2016-01-08 00:00:00
Scientific Linux Security Update : libldb on SL6.x, SL7.x i386/x86_64 (20160107)
2016-01-11 00:00:00
openvas
openvas
CentOS Update for ldb-tools CESA-2016:0009 centos7
2016-01-08 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-633)
2016-01-20 00:00:00
CentOS Update for ldb-tools CESA-2016:0009 centos6
2016-01-08 00:00:00
amazon
amazon
Medium: libldb
2016-01-18 11:00:00
centos
centos
ldb, libldb, pyldb security update
2016-01-07 22:11:38
oraclelinux
oraclelinux
libldb security update
2016-01-07 00:00:00
samba security update
2016-01-07 00:00:00
samba4 security update
2016-01-07 00:00:00
ubuntu
ubuntu
ldb vulnerabilities
2016-01-05 00:00:00
Samba vulnerabilities
2016-01-05 00:00:00
Samba regression
2016-02-16 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: samba-4.3.3-0.fc23
2015-12-18 07:55:05
[SECURITY] Fedora 22 Update: samba-4.2.7-0.fc22
2015-12-26 21:53:02
mageia
mageia
Updated samba packages fix security vulnerabilities
2016-03-03 20:43:41
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.3.3-alt1
2015-12-16 00:00:00
Security fix for the ALT Linux 8 package samba version 4.3.3-alt1
2015-12-16 00:00:00
suse
suse
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-18 22:10:59
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-18 21:10:45
Security update for ldb, samba, talloc, tdb, tevent (important)
2015-12-24 03:10:28
ibm
ibm
Security Bulletin: Vulnerabilities in Samba affect IBM i
2019-12-18 14:26:38
osv
osv
samba - security update
2016-01-02 00:00:00
debian
debian
[SECURITY] [DSA 3433-1] samba security update
2016-01-02 09:40:45
[SECURITY] [DSA 3433-1] samba security update
2016-01-02 09:40:27
freebsd
freebsd
samba -- multiple vulnerabilities
2015-12-16 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2016-12-24 00:00:00

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.388 Low

EPSS

Percentile

97.2%

JSON
Related for UB:CVE-2015-3223
checkpoint_advisories1cve1f52prion1samba1veracode1debiancve1redhat2nessus23openvas21amazon1centos1oraclelinux3ubuntu3fedora2mageia1altlinux4suse5ibm1osv1debian2freebsd1gentoo1