Published: 20/07/2023 Updated: 30/01/2024

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of Spotlight RPC arguments. Crafted arguments can force the server into an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samba samba
fedoraproject fedora 37
fedoraproject fedora 38
redhat enterprise linux 8.0
redhat enterprise linux 9.0
debian debian linux 11.0
debian debian linux 12.0

Debian Bug report logs - #1052087 CVE-2023-42464: 0-day vulnerability in afpd Spotlight RPC Package: netatalk; Maintainer for netatalk is Debian Netatalk team <pkg-netatalk-devel@listsaliothdebianorg>; Source for netatalk is src:netatalk (PTS, buildd, popcon) Reported by: Daniel Markstedt <daniel@mindaninet> Date ...

Synopsis Moderate: samba security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba, evolution-mapi, and openchangeis now available for Red Hat Enterprise Linux 8Red Hat ...

Synopsis Moderate: samba security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Security has rated this ...

Synopsis Moderate: samba security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for samba, evolution-mapi, and openchange is now available for Red Hat Enterprise Linux 9Red Hat ...

Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives The version of Samba in the oldstable distribution (bullseye) cannot be fully supported further: If you are using Samba as a domain controller you should either up ...

Description This CVE is under investigation by Red Hat Product Security ...

Check Point Reference: CPAI-2023-1539 Date Published: 25 Feb 2024 Severity: Medium ...

CWE-843 https://access.redhat.com/security/cve/CVE-2023-34967 https://www.samba.org/samba/security/CVE-2023-34967.html https://bugzilla.redhat.com/show_bug.cgi?id=2222794 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/https://security.netapp.com/advisory/ntap-20230731-0010/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/https://www.debian.org/security/2023/dsa-5477 https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052087 https://nvd.nist.gov https://www.zerodayinitiative.com/advisories/ZDI-23-1227/

CVE-2023-34967

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect