Main Vulnerability Database Vulnerabilities #VU16156

#VU16156 NULL pointer dereference in Samba - CVE-2018-16851

Published: November 28, 2018

Vulnerability identifier: #VU16156

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-16851

CWE-ID: CWE-476

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Samba

Software vendor:
Samba

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition.

The vulnerability exists due to the entries are cached in a single memory object with a maximum size of 256MB during the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client. A remote attacker can trigger NULL pointer dereference in the LDAP service when this size is reached and cause the process to crash.

Remediation

The vulnerability has been fixed in the version 4.7.12, 4.8.7, and 4.9.3.

External links

https://www.samba.org/samba/security/CVE-2018-16851.html

#VU16156 NULL pointer dereference in Samba - CVE-2018-16851

Description

Remediation

External links

Please verify you're human