SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   Samba Vendors:   Samba.org
Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
SecurityTracker Alert ID:  1034492
SecurityTracker URL:  http://securitytracker.com/id/1034492
CVE Reference:   CVE-2015-7540   (Links to External Site)
Date:  Dec 18 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0.0 to 4.1.21
Description:   A vulnerability was reported in Samba. A remote user can cause the target system to crash.

A remote user can send specially crafted packets to consume excessive memory on the target LDAP server and cause the target server to crash.

The vulnerability was detected via Codenomicon Defensics.

Impact:   A remote user can cause the target system to crash.
Solution:   The vendor has issued a fix (4.1.22).

The vendor's advisory is available at:

https://www.samba.org/samba/security/CVE-2015-7540.html

Vendor URL:  www.samba.org/samba/security/CVE-2015-7540.html (Links to External Site)
Cause:   Resource error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jan 5 2016 (Ubuntu Issues Fix) Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
Ubuntu has issued a fix for Ubuntu Linux 12.04 LTS, 14.04 LTS, 15.04, and 15.10.
Jan 8 2016 (Red Hat Issues Fix) Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jan 8 2016 (Red Hat Issues Fix) Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Jan 8 2016 (Red Hat Issues Fix) Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
Red Hat has issued a fix for Red Hat Gluster Storage for Red Hat Enterprise Linux.
Feb 8 2016 (CentOS Issues Fix) Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash
CentOS has issued a fix for CentOS 7.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC