QwikSec

Security Database

CVE

CWE

Training

CVE-2015-7540

Published: Dec 29, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=9d989c9dd7a5b92d0c5d65287935471b83b6e884

x_refsource_CONFIRM

FEDORA-2015-0e0879cc8a

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

https://git.samba.org/?p=samba.git%3Ba=commit%3Bh=530d50a1abdcdf4d1775652d4c456c1274d83d8d

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

https://www.samba.org/samba/security/CVE-2015-7540.html

x_refsource_CONFIRM

FEDORA-2015-b36076d32e

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2015:2356

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1288451

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.