#VU33812 Input validation error in Samba - CVE-2015-3223


| Updated: 2020-08-04

Vulnerability identifier: #VU33812

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2015-3223

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Samba: 3.4.0 - 3.4.17, 4.0.0 - 4.0.26, 4.1.0 - 4.1.21

External links
https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html
https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html
https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html
https://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
https://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html
https://www.debian.org/security/2016/dsa-3433
https://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://www.securityfocus.com/bid/79731
https://www.securitytracker.com/id/1034493
https://www.ubuntu.com/usn/USN-2855-1
https://www.ubuntu.com/usn/USN-2855-2
https://www.ubuntu.com/usn/USN-2856-1
https://bugzilla.redhat.com/show_bug.cgi?id=1290287
https://git.samba.org/?p=samba.git;a=commit;h=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465
https://git.samba.org/?p=samba.git;a=commit;h=ec504dbf69636a554add1f3d5703dd6c3ad450b8
https://security.gentoo.org/glsa/201612-47
https://www.samba.org/samba/security/CVE-2015-3223.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Input validation error in samba (Alpine package)
Input validation error in ldb (Alpine package)
Amazon Linux AMI update for libldb
Input validation error in Samba
OpenSUSE Linux update for ldb, samba, talloc, tdb, tevent
SUSE Linux update for ldb, samba, talloc, tdb, tevent
SUSE Linux update for ldb, samba, talloc, tdb, tevent