Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
DNS:SAMBA-DNS-REPLY-FLAG-DOS |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
DNS |
Keywords |
Samba DNS Reply Flag Denial of Service |
Release Date |
2015/06/12 |
Update Number |
2504 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
DNS: Samba DNS Reply Flag Denial of Service
This signature detects attempts to exploit a known vulnerability in the Samba DNS Reply Flag. The server fails to check the reply flag of DNS packets, making it vulnerable to reply to a spoofed reply. This could result in a "ping-pong" type attack where two vulnerable servers attack each other. An attacker could exploit this vulnerability by sending a DNS query to a vulnerable server with a spoofed source IP address of another vulnerable server. Successful exploitation could result in excessive consumption of resources on both vulnerable servers, possibly causing a denial of service condition.
Extended Description
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
Affected Products
- Samba samba 4.0.1
- Samba samba 4.0.10
- Samba samba 4.0.11
- Samba samba 4.0.12
- Samba samba 4.0.13
- Samba samba 4.0.14
- Samba samba 4.0.15
- Samba samba 4.0.16
- Samba samba 4.0.17
- Samba samba 4.0.2
- Samba samba 4.0.3
- Samba samba 4.0.4
- Samba samba 4.0.5
- Samba samba 4.0.6
- Samba samba 4.0.7
- Samba samba 4.0.8
- Samba samba 4.0.9
References
- BugTraq: 67691
- CVE: CVE-2014-0239