Описание
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:1.1.24-1ubuntu1 |
| esm-infra-legacy/trusty | released | 1:1.1.16-1ubuntu0.1 |
| esm-infra/xenial | released | 2:1.1.24-1ubuntu1 |
| precise | released | 1:1.1.4-1ubuntu0.1 |
| precise/esm | DNE | precise was released [1:1.1.4-1ubuntu0.1] |
| trusty | released | 1:1.1.16-1ubuntu0.1 |
| trusty/esm | released | 1:1.1.16-1ubuntu0.1 |
| upstream | needs-triage | |
| vivid | released | 1:1.1.18-1ubuntu0.1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:4.3.3+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | released | 2:4.1.6+dfsg-1ubuntu2.14.04.11 |
| esm-infra/xenial | released | 2:4.3.3+dfsg-1ubuntu1 |
| precise | not-affected | 2:3.6.3-2ubuntu2.12 |
| precise/esm | not-affected | 2:3.6.3-2ubuntu2.12 |
| trusty | released | 2:4.1.6+dfsg-1ubuntu2.14.04.11 |
| trusty/esm | released | 2:4.1.6+dfsg-1ubuntu2.14.04.11 |
| upstream | released | 4.3.3,4.2.7,4.1.22 |
| vivid | released | 2:4.1.13+dfsg-4ubuntu3.1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 4.3.3,4.2.7,4.1.22 |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ...
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
Уязвимость функции ldb_wildcard_compare пакета программ сетевого взаимодействия Samba, связанная с ошибкой в обработке чисел, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3