Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-3223

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
CONFIRM: https://git.samba.org/...
CONFIRM: https://git.samba.org/...
CONFIRM: https://www.samba.org/...
BID: 79731
CONFIRM: http://www.oracle.com/...
SUSE: openSUSE-SU-2016:1064
UBUNTU: USN-2855-2
DEBIAN: DSA-3433
FEDORA: FEDORA-2015-0e0879cc8a
FEDORA: FEDORA-2015-b36076d32e
SUSE: SUSE-SU-2015:2304
SUSE: SUSE-SU-2015:2305
SUSE: openSUSE-SU-2015:2354
SUSE: openSUSE-SU-2015:2356
UBUNTU: USN-2855-1
UBUNTU: USN-2856-1
SECTRACK: 1034493
GENTOO: GLSA-201612-47

Launchpad.net

CVE 2015-3223

Related bugs

References