Showing 1 - 3 of 3

CVE-2014-0239

Status Candidate

Overview

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

Related Files

Gentoo Linux Security Advisory 201502-15: Posted Feb 26, 2015; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201502-15 - Multiple vulnerabilities have been found in Samba, the worst of which allowing a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code. Versions less than 3.6.25 are affected.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-6150, CVE-2013-4124, CVE-2013-4408, CVE-2013-4475, CVE-2013-4476, CVE-2013-4496, CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493, CVE-2015-0240; SHA-256 | 606c956ce8f163cd743c45062fd6201fce247d72cbe7bc650aed2d2440e1861b; Download | Favorite | View

Ubuntu Security Notice USN-2257-1: Posted Jun 26, 2014; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2257-1 - Christof Schmitt discovered that Samba incorrectly initialized a certain response field when vfs shadow copy was enabled. A remote authenticated attacker could use this issue to possibly obtain sensitive information. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. It was discovered that the Samba internal DNS server incorrectly handled QR fields when processing incoming DNS messages. A remote attacker could use this issue to cause Samba to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493; SHA-256 | ee495aec8ec133e39c6bb8c1541534dba3717b1f8a19b4fd91f988c20373902f; Download | Favorite | View

Slackware Security Advisory - samba Updates: Posted Jun 25, 2014; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2014-0178, CVE-2014-0239, CVE-2014-0244, CVE-2014-3493; SHA-256 | f86aa120b172105145f5b723718fabcd5166d7c4730b1069b104b7db69051aec; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 64 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2014-0239

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems