CVE-2014-0239CVE-2014-0239

Affected configuration(s):

cpe:/a:samba:samba:4.0.1
cpe:/a:samba:samba:4.0.2
cpe:/a:samba:samba:4.0.3
cpe:/a:samba:samba:4.0.4
cpe:/a:samba:samba:4.0.5
cpe:/a:samba:samba:4.0.6
cpe:/a:samba:samba:4.0.7
cpe:/a:samba:samba:4.0.8
cpe:/a:samba:samba:4.0.9
cpe:/a:samba:samba:4.0.10
cpe:/a:samba:samba:4.0.11
cpe:/a:samba:samba:4.0.12
cpe:/a:samba:samba:4.0.13
cpe:/a:samba:samba:4.0.14
cpe:/a:samba:samba:4.0.15
cpe:/a:samba:samba:4.0.16
cpe:/a:samba:samba:4.0.17

Date published: 2014-05-28T00:58:32.750-04:00

Date last modified: 2017-01-06T21:59:24.797-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://security.gentoo.org/glsa/glsa-201502-15.xml

Summary: The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.