Garming Sam

**Name of the Vulnerable Software and Affected Versions** Samba versions prior to 4.10 **Description** A flaw in the LDAP search expression handling can cause the shared LDAP server process of a Samba AD DC to crash, leading to a denial of service. An authenticated user with read permissions on the LDAP server can exploit this issue. The vulnerability is related to a buffer overflow in the `ldb wildcard compare` function of the LDAP component, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For versions prior to 4.10, update to version 4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the LDAP server to minimize the risk of exploitation. Avoid using the vulnerable `ldb wildcard compare` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Samba versions 4.0.0 through 4.7.11 Samba versions 4.8.0 through 4.8.6 Samba versions 4.9.0 through 4.9.2 **Description** The issue is related to a denial of service in Samba's LDAP search functionality. It occurs when the maximum size of cached search results, which is 256MB, is reached, causing the Samba process to follow a NULL pointer and terminate. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For Samba versions 4.0.0 through 4.7.11, update to version 4.7.12 or later. For Samba versions 4.8.0 through 4.8.6, update to version 4.8.7 or later. For Samba versions 4.9.0 through 4.9.2, update to version 4.9.3 or later.

**Name of the Vulnerable Software and Affected Versions** Samba versions 4.1.x through 4.1.22 Samba versions 4.2.x through 4.2.8 Samba versions 4.3.x through 4.3.5 Samba versions 4.4.x through 4.4.0rc3 **Description** The internal DNS server in Samba, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. This issue is caused by a buffer overflow. **Recommendations** For Samba versions 4.1.x through 4.1.22, update to version 4.1.23 or later. For Samba versions 4.2.x through 4.2.8, update to version 4.2.9 or later. For Samba versions 4.3.x through 4.3.5, update to version 4.3.6 or later. For Samba versions 4.4.x through 4.4.0rc3, update to version 4.4.0rc4 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.8.x through 1.8.11 Wireshark versions 1.10.x through 1.10.3 **Description** The issue is related to multiple buffer overflows in the create ntlmssp v2 key function in the NTLMSSP v2 dissector. This can be exploited by remote attackers to cause a denial of service, specifically an application crash, by sending a packet with a long domain name. **Recommendations** For Wireshark versions 1.8.x through 1.8.11, update to version 1.8.12 or later. For Wireshark versions 1.10.x through 1.10.3, update to version 1.10.4 or later.