Lucene search

K

Veracode Vulnerability DatabaseVERACODE:12562

HistoryJan 15, 2019 - 9:18 a.m.

Denial Of Service (DoS)

2019-01-1509:18:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

samba is vulnerable denial of service (DoS) attacks. The vulnerability exists as smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.

CPENameOperatorVersion
sambaeq3.6.9__164.el6
sambaeq3.6.9__168.el6_5
sambaeq4.2.4__13.el7rhgs
sambaeq3.6.23__25.el6_7
sambaeq3.5.4__68.el6
sambaeq4.4.3__8.el7rhgs
sambaeq4.1.17__4.el6rhs
sambaeq3.6.509__169.6.el6rhs
sambaeq3.5.10__114.el6
sambaeq3.6.23__24.el6_7

Rows per page:

1-10 of 1021

References

www.securityfocus.com/bid/99455

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

access.redhat.com/errata/RHSA-2017:1950

access.redhat.com/errata/RHSA-2017:2338

access.redhat.com/errata/RHSA-2017:2778

access.redhat.com/security/updates/classification/#low

bugs.debian.org/864291

bugzilla.redhat.com/show_bug.cgi?id=1218926

bugzilla.redhat.com/show_bug.cgi?id=1327810

bugzilla.redhat.com/show_bug.cgi?id=1356932

bugzilla.redhat.com/show_bug.cgi?id=1377690

bugzilla.redhat.com/show_bug.cgi?id=1377729

bugzilla.redhat.com/show_bug.cgi?id=1377751

bugzilla.redhat.com/show_bug.cgi?id=1389786

bugzilla.redhat.com/show_bug.cgi?id=1397871

bugzilla.redhat.com/show_bug.cgi?id=1397891

bugzilla.redhat.com/show_bug.cgi?id=1397895

bugzilla.redhat.com/show_bug.cgi?id=1401505

bugzilla.redhat.com/show_bug.cgi?id=1403242

bugzilla.redhat.com/show_bug.cgi?id=1403975

bugzilla.redhat.com/show_bug.cgi?id=1416746

bugzilla.redhat.com/show_bug.cgi?id=1420130

bugzilla.redhat.com/show_bug.cgi?id=1430755

bugzilla.redhat.com/show_bug.cgi?id=1430759

bugzilla.redhat.com/show_bug.cgi?id=1431986

bugzilla.redhat.com/show_bug.cgi?id=1448544

bugzilla.redhat.com/show_bug.cgi?id=1459179

bugzilla.redhat.com/show_bug.cgi?id=1460937

bugzilla.redhat.com/show_bug.cgi?id=1461336

bugzilla.samba.org/show_bug.cgi?id=12572

git.samba.org/?p=samba.git;a=commit;h=10c3e3923022485c720f322ca4f0aca5d7501310

lists.debian.org/debian-lts-announce/2019/04/msg00013.html

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

Related for VERACODE:12562

nessus10 redhat3 centos1 openvas6 osv2 cve1 ubuntu1 redhatcve1 ibm3 debiancve1 prion1 ubuntucve1 oraclelinux1 debian1