The Samba-Bugzilla – Attachment 18144 Details for
Bug 15474
[SECURITY] CVE-2023-42669 rpcecho, enabled and running in AD DC, allows blocking sleep on request
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Updated advisory (v3) with version numbers
CVE-2023-42669-remove-rpcecho-production-advisory-v3.txt (text/plain), 2.03 KB, created by
Andrew Bartlett
on 2023-09-29 08:13:22 UTC
(
hide
)
Description:
Updated advisory (v3) with version numbers
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2023-09-29 08:13:22 UTC
Size:
2.03 KB
patch
obsolete
>=========================================================== >== Subject: "rpcecho" development server allows Denial > of Service via sleep() call on AD DC >== >== CVE ID#: CVE-2023-42669 >== >== Versions: All versions of Samba since Samba 4.0.0 >== >== Summary: Calls to the rpcecho server on the AD DC can request > that the server block for a user-defined amount of > time, denying service. >=========================================================== > >=========== >Description >=========== > >Samba developers have built a non-Windows RPC server known as >"rpcecho" to test elements of the Samba DCE/RPC stack under their full >control. > >One RPC function provided by "rpcecho" can block, essentially >indefinitely, and because the "rpcecho" service is provided from the >main RPC task, which has only one worker, this denies essentially all >service on the AD DC. > >To address this problem, the rpcecho server is removed from our >production binaries and is restricted to selftest builds only. > >================== >Patch Availability >================== > >Patches addressing both these issues have been posted to: > > https://www.samba.org/samba/security/ > >Additionally, Samba 4.19.1, 4.18.8 and 4.17.7 have been issued >as security releases to correct the defect. Samba administrators are >advised to upgrade to these releases or apply the patch as soon >as possible. > >================== >CVSSv3 calculation >================== > >CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5) > >========== >Workaround >========== > >Setting "dcerpc endpoint servers = -rpcecho" will disable the rpcecho >service on the AD DC. > >======= >Credits >======= > >Originally reported by Andrew Bartlett of Catalyst and the Samba Team. > >Patches provided by Andrew Bartlett of Catalyst and the Samba Team. > >Catalyst thanks Planet Innovation for supporting the production of >this security fix. > >========================================================== >== Our Code, Our Bugs, Our Responsibility. >== The Samba Team >========================================================== >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 15474
:
18094
|
18095
|
18120
|
18121
|
18135
|
18136
|
18137
|
18138
|
18144
|
18148