Samba Denial of Service Vulnerabilities

Last Update Date: 26 Jun 2014 Release Date: 24 Jun 2014 3723 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in Samba, which can be exploited by malicious users to cause a DoS (Denial of Service).

  1. An error in the "sys_recvfrom()" function (source3/lib/system.c) can be exploited to trigger an infinite loop within the nmbd daemon by sending a specially crafted NetBIOS packet.
  2. Some errors when handling Unicode file names can be exploited to cause out-of-bounds writes and subsequently crash the smbd daemon by issuing a non-Unicode read request for such files.

Impact

  • Denial of Service

System / Technologies affected

  • Versions prior to 4.1.9, prior to 4.0.19, and prior to 3.6.24.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (3.6.24, 4.0.19, 4.1.9).

Vulnerability Identifier

Source

Related Link

Share with

Previous

McAfee Multiple Products OpenSSL Multiple Vulnerabilities

25 Jun 2014 3773 Views

Next

Cisco WebEx Meeting Server Information Disclosure Vulnerability

24 Jun 2014 3821 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY