The Samba-Bugzilla – Attachment 15246 Details for Bug 13922: CVE-2019-12435 [SECURITY] zone operations can crash rpc server
updated advisory v3 (fix version s/4.9.10/4.9.9/)
CVE-2019-12435-advisory-v03.txt (text/plain), 1.77 KB, created by Karolin Seeger on 2019-06-13 09:02:04 UTC
>===========================================================
>== Subject: Samba AD DC Denial of Service in DNS management server (dnsserver)
>==
>== CVE ID#: CVE-2019-12435
>==
>== Versions: Samba 4.9 and 4.10
>==
>== Summary: An authenticated user can crash the Samba AD DC's
> RPC server process via a NULL pointer de-reference.
>
>===========================================================
>
>===========
>Description
>===========
>
>The (poorly named) dnsserver RPC pipe provides administrative
>facilities to modify DNS records and zones.
>
>An authenticated user can crash the RPC server process via a NULL
>pointer de-reference.
>
>There is no further vulnerability associated with this issue, merely a
>denial of service.
>
>==================
>Patch Availability
>==================
>
>Patches addressing both these issues have been posted to:
>
> http://www.samba.org/samba/security/
>
>Additionally, Samba 4.9.9 and 4.10.5 have been issued as security
>releases to correct the defect. Samba administrators are advised to
>upgrade to these releases or apply the patch as soon as possible.
>
>==================
>CVSSv3 calculation
>==================
>
>CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5)
>
>==========
>Workaround
>==========
>
>The dnsserver task can be stopped by setting
> 'dcerpc endpoint servers = -dnsserver'
>in the smb.conf and restarting Samba.
>
>=======
>Credits
>=======
>
>Originally reported by Coverity as CID 1418127, and triaged by Douglas
>Bagnall of Catalyst and the Samba Team.
>
>Advisory by Andrew Bartlett of Catalyst and the Samba Team.
>
>Patches provided by Douglas Bagnall of Catalyst and the Samba Team.
>
>==========================================================
>== Our Code, Our Bugs, Our Responsibility.
>== The Samba Team
>==========================================================
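A check built from the advisory's version list and workaround, as an added example that is not part of the advisory or of Samba's code: it reports whether a Samba version string falls in the affected 4.9/4.10 range and whether an smb.conf text carries the `-dnsserver` setting in `[global]`. The function names and the sample configuration are constructed for illustration; it assumes include files are not followed and cannot see patches backported by a distribution.

```python
import re

# Fixed releases named in the advisory: 4.9.9 and 4.10.5.
FIXED_PATCH = {(4, 9): 9, (4, 10): 5}

def version_affected(version):
    """True if the version is a 4.9.x or 4.10.x release older than the fix."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    major, minor, patch = map(int, m.groups())
    fixed = FIXED_PATCH.get((major, minor))
    return fixed is not None and patch < fixed

def _norm(name):
    # smb.conf ignores case and whitespace in section and parameter names.
    return re.sub(r"\s+", "", name).lower()

def dnsserver_disabled(smb_conf):
    """True if [global] sets 'dcerpc endpoint servers' with -dnsserver."""
    section, value = None, None
    text = re.sub(r"\\\r?\n", " ", smb_conf)  # join continuation lines
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = _norm(line[1:-1])
        elif "=" in line and section == "global":
            key, val = line.split("=", 1)
            if _norm(key) == "dcerpcendpointservers":
                value = val  # a later setting overrides an earlier one
    return value is not None and "-dnsserver" in re.split(r"[\s,]+", value.strip())

def exposed(version, smb_conf):
    """Affected version with the advisory's workaround not configured."""
    return version_affected(version) and not dnsserver_disabled(smb_conf)

# Constructed sample input, not taken from a real server.
SAMPLE_CONF = """\
[global]
    server role = active directory domain controller
    ; workaround from the advisory
    DCERPC Endpoint Servers = -dnsserver
[sysvol]
"""

if __name__ == "__main__":
    print(exposed("4.10.4", SAMPLE_CONF))
```

The result reflects the file on disk only; as the advisory states, the workaround takes effect after Samba is restarted.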
Flags: kseeger: review+, abartlet: review+, dbagnall: review+