PT-2019-1768 · Samba+3
Garming Sam · Published 2019-02-01 · Updated 2024-06-15 · CVE-2019-3824
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Samba versions prior to 4.10
Description
A flaw in the LDAP search expression handling can cause the shared LDAP server process of a Samba AD DC to crash, leading to a denial of service. An authenticated user with read permissions on the LDAP server can exploit this issue. The vulnerability is related to a buffer overflow in the ldb wildcard compare function of the LDAP component, which can be exploited by a remote attacker to cause a denial of service.
Recommendations
For versions prior to 4.10, update to version 4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the LDAP server to minimize the risk of exploitation. Avoid using the vulnerable ldb wildcard compare function until the issue is resolved.
Fix
DoS
Out of bounds Read
Affected Products
Alt Linux
Samba
Suse
Ubuntu