Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0239

Опубликовано: 28 мая 2014
Источник: redhat
CVSS2: 1.8

Описание

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

Отчет

Not vulnerable. This issue does not affect the version of samba as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect the version of samba3x as shipped with Red Hat Enterprise Linux 5. This issue does not affect the version of samba4 as shipped with Red Hat Enterprise Linux 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4sambaNot affected
Red Hat Enterprise Linux 5sambaNot affected
Red Hat Enterprise Linux 5samba3xNot affected
Red Hat Enterprise Linux 6sambaNot affected
Red Hat Enterprise Linux 6samba4Not affected
Red Hat Enterprise Linux 7sambaNot affected
Red Hat Storage 2.1sambaNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1101988samba: potential DoS in the internal DNS server

1.8 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0239

ubuntu
около 11 лет назад

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

nvd логотип

CVE-2014-0239

nvd
около 11 лет назад

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

debian логотип

CVE-2014-0239

debian
около 11 лет назад

The internal DNS server in Samba 4.x before 4.0.18 does not check the ...

github логотип

GHSA-4rm5-v8f4-mx8v

github
около 3 лет назад

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

fstec логотип

BDU:2015-00391

CVSS3: 7.5
fstec
около 11 лет назад

Уязвимость программного обеспечения Samba, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

1.8 Low

CVSS2