Main Vulnerability Database Vulnerabilities #VU23507

Use of out-of-range pointer offset in Samba - CVE-2019-14861

Published: December 10, 2019

Vulnerability identifier: #VU23507

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-14861

CWE-ID: CWE-823

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: Samba

Affected software:
Samba

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when processing DNS records in ldb_qsort() and dns_name_compare() function within the dnsserver RPC pipe. A remote authenticated user can register a zone with an existing name but in different register and force Samba to read memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() calls. This will trigger Samba to follow invalid memory as a pointer and lead to DoS of the DNS management server.

How to mitigate CVE-2019-14861

Install updates from vendor's website.

Sources

https://www.samba.org/samba/security/CVE-2019-14861.html

Use of out-of-range pointer offset in Samba - CVE-2019-14861

Detailed vulnerability description

How to mitigate CVE-2019-14861

Sources

Please verify you're human