LDAP: Samba LDAP AD DC Paged Search Denial of Service
This signature detects attempts to exploit a known vulnerability against SAMBA. A successful attack can lead to Denial of Service.
Extended Description
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.
Affected Products
Canonical ubuntu_linux
References
BugTraq: 108823
CVE: CVE-2019-12436
URL: https://www.samba.org/samba/security/CVE-2019-12436.html https://www.synology.com/security/advisory/Synology_SA_19_27 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ3LCJNJ3ONHIRKDSKOTT6QGXALLCHVG/ https://usn.ubuntu.com/4018-1/
Short Name
LDAP:SAMBA-AD-DC-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
LDAP
Keywords
AD CVE-2019-12436 DC Denial LDAP Paged Samba Search Service bid:108823 of
Release Date
08/14/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Samba
Canonical
CVSS Score
4.0