#VU66202 Resource management error in Samba - CVE-2021-3670

Cybersecurity Help s.r.o.

Published: 2022-08-09

Vulnerability identifier: #VU66202

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3670

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to Samba AD DC LDAP does not honor the MaxQueryDuration option when handling LDAP requests. A remote user can execute heavy queries and perform a denial of service (DoS) attack.

Mitigation
Vendor does not consider this a security vulnerability and recommends to follow general hardening rules to avoid similar attack vectors.

Vulnerable software versions

Samba: 4.14.3

External links
https://bugzilla.samba.org/show_bug.cgi?id=14694
https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 20.03 LTS SP4 update for libldb

Gentoo update for Samba

Ubuntu update for samba

SUSE update for ldb, samba

openEuler update for samba

SUSE update for ldb