Add link to security bugs in bugzilla

[samba-web.git] / security / CVE-2015-3223.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Samba - Security Announcement Archive</title>
</head>

<body>

   <H2>CVE-2015-3223.html:</H2>

<p>
<pre>
===========================================================
== Subject:     Denial of service in Samba Active Directory
==              server.
==
== CVE ID#:     CVE-2015-3223
==
== Versions:    Samba 4.0.0 to 4.3.2
==
== Summary:     Malicious request can cause Samba LDAP server
==              to hang, spinning using CPU.
==
===========================================================

===========
Description
===========

All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
ldb versions up to 1.1.23 inclusive) are vulnerable to
a denial of service attack in the samba daemon LDAP server.

A malicious client can send packets that cause the LDAP server in the
samba daemon process to become unresponsive, preventing the server
from servicing any other requests.

This flaw is not exploitable beyond causing the code to loop expending
CPU resources.

==================
Patch Availability
==================

Patches addressing this defect have been posted to

 https://www.samba.org/samba/history/security.html

Additionally, Samba 4.3.3, 4.2.7 and 4.1.22 (resp. ldb 1.1.24)
have been issued as security releases to correct the defect.
Samba vendors and administrators running affected versions are
advised to upgrade or apply the patch as soon as possible.

==========
Workaround
==========

None.

=======
Credits
=======

This problem was found by Thilo Uttendorfer of Linux Information
Systems AG. The fix was created by Jeremy Allison of Google.
</pre>
</body>
</html>