Risk: Medium
Patch available: Yes
Number of vulnerabilities: 2
CVE-ID: CVE-2015-3223, CVE-2015-5330
CWE-ID: CWE-20, CWE-200
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Amazon Linux AMI (Operating systems & Components / Operating system)
Vendor: Amazon Web Services
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU33812
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-3223
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a remote non-authenticated attacker to cause a denial of service.
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
Mitigation: Update the affected packages.
Vulnerable software versions:
i686:
pyldb-1.1.20-1.7.amzn1.i686
pyldb-devel-1.1.20-1.7.amzn1.i686
libldb-devel-1.1.20-1.7.amzn1.i686
libldb-debuginfo-1.1.20-1.7.amzn1.i686
ldb-tools-1.1.20-1.7.amzn1.i686
libldb-1.1.20-1.7.amzn1.i686
src:
libldb-1.1.20-1.7.amzn1.src
x86_64:
pyldb-1.1.20-1.7.amzn1.x86_64
ldb-tools-1.1.20-1.7.amzn1.x86_64
libldb-1.1.20-1.7.amzn1.x86_64
pyldb-devel-1.1.20-1.7.amzn1.x86_64
libldb-debuginfo-1.1.20-1.7.amzn1.x86_64
libldb-devel-1.1.20-1.7.amzn1.x86_64
Amazon Linux AMI: All versions
External links: http://alas.aws.amazon.com/ALAS-2016-633.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU32350
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-5330
CWE-ID: CWE-200 - Information exposure
Exploit availability: No
Description: The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
Mitigation: Update the affected packages.
Vulnerable software versions:
i686:
pyldb-1.1.20-1.7.amzn1.i686
pyldb-devel-1.1.20-1.7.amzn1.i686
libldb-devel-1.1.20-1.7.amzn1.i686
libldb-debuginfo-1.1.20-1.7.amzn1.i686
ldb-tools-1.1.20-1.7.amzn1.i686
libldb-1.1.20-1.7.amzn1.i686
src:
libldb-1.1.20-1.7.amzn1.src
x86_64:
pyldb-1.1.20-1.7.amzn1.x86_64
ldb-tools-1.1.20-1.7.amzn1.x86_64
libldb-1.1.20-1.7.amzn1.x86_64
pyldb-devel-1.1.20-1.7.amzn1.x86_64
libldb-debuginfo-1.1.20-1.7.amzn1.x86_64
libldb-devel-1.1.20-1.7.amzn1.x86_64
Amazon Linux AMI: All versions
External links: http://alas.aws.amazon.com/ALAS-2016-633.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.