QwikSec

Security Database

CVE

CWE

Training

CVE-2015-3223

Published: Dec 29, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1290287

x_refsource_CONFIRM

FEDORA-2015-0e0879cc8a

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2016:1064

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

https://www.samba.org/samba/security/CVE-2015-3223.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2015:2304

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

SUSE-SU-2015:2305

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=ec504dbf69636a554add1f3d5703dd6c3ad450b8

x_refsource_CONFIRM

openSUSE-SU-2015:2354

vendor-advisory

x_refsource_SUSE

FEDORA-2015-b36076d32e

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_DEBIAN

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2015:2356

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.