Denial Of Service (DoS)

2020-08-0621:39:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

JSON

samba is vulnerable to denial of service. An attacker is able to terminate the application by sending a malicious string that causes the character conversion to fail. The vulnerability exists when the application is configured with log level = 3.

CPENameOperatorVersion
sambaeq4.8.12-r1
samba:3.8eq4.8.12-r0
samba:xenialeq2:4.3.8+dfsg-0ubuntu1
samba:bioniceq2:4.7.6+dfsg~ubuntu-0ubuntu2
samba:eoaneq2:4.10.7+dfsg-0ubuntu2
sambaeq4.8.5__104.el7rhgs
sambaeq4.1.12__23.ael7b_1
sambaeq4.9.1__6.el7
sambaeq4.1.12__24.ael7b_1
sambaeq4.6.3__6.el7rhgs

Name	Operator	Version
samba	eq	4.8.12-r1
samba:3.8	eq	4.8.12-r0
samba:xenial	eq	2:4.3.8+dfsg-0ubuntu1
samba:bionic	eq	2:4.7.6+dfsg~ubuntu-0ubuntu2
samba:eoan	eq	2:4.10.7+dfsg-0ubuntu2
samba	eq	4.8.5__104.el7rhgs
samba	eq	4.1.12__23.ael7b_1
samba	eq	4.9.1__6.el7
samba	eq	4.1.12__24.ael7b_1
samba	eq	4.6.3__6.el7rhgs