CVE-2014-0239

Published: 28/05/2014 Updated: 29/08/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The internal DNS server in Samba 4.x prior to 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samba samba

Several security issues were fixed in Samba ...

Debian Bug report logs - #749845 samba CVE-2014-0239 Potential DOS in Samba internal DNS server Package: samba; Maintainer for samba is Debian Samba Maintainers <pkg-samba-maint@listsaliothdebianorg>; Source for samba is src:samba (PTS, buildd, popcon) Reported by: Ivo De Decker <ivodedecker@ugentbe> Date: Fri, ...

The internal DNS server in Samba 4x before 4018 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103 ...

CWE-20 http://www.samba.org/samba/security/CVE-2014-0239 http://www.securitytracker.com/id/1030309 http://secunia.com/advisories/59579 http://security.gentoo.org/glsa/glsa-201502-15.xml http://www.securityfocus.com/bid/67691 https://usn.ubuntu.com/2257-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-0239

CVE-2014-0239

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect