DNS: Samba AD DC CVE-2018-1140 Denial of service
This signature detects attempts to exploit a known vulnerability against Samba. A successful attack can result in a denial-of-service condition.
Extended Description
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
Affected Products
Samba samba
References
BugTraq: 105082
CVE: CVE-2018-1140
URL: https://www.samba.org/samba/security/cve-2018-1140.html
Short Name
DNS:QUERY:CVE-2018-1140-DOS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
DNS
Keywords
AD CVE-2018-1140 DC Denial Samba bid:105082 of service
Release Date
09/27/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Samba
CVSS Score
3.3