Showing 1 - 4 of 4

CVE-2023-34966

Status Candidate

Overview

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.

Related Files

Red Hat Security Advisory 2024-4101-03: Posted Jun 27, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4101-03 - An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34966; SHA-256 | 6aa512ca07c56fc577256f128940e4c2a27e34e6f5689b0f92e79429b72058b7; Download | Favorite | View

Debian Security Advisory 5647-1: Posted Mar 25, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5647-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, unix, debian; advisories | CVE-2022-2127, CVE-2022-3437, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-4091; SHA-256 | 1bf3eff1b405cc8734e78a924bf59118ea64667832f1c6ee614a890520f6a767; Download | Favorite | View

Gentoo Linux Security Advisory 202402-28: Posted Feb 19, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2018-14628, CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670; SHA-256 | c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12; Download | Favorite | View

Debian Security Advisory 5477-1: Posted Aug 15, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5477-1 - Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, debian; advisories | CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968; SHA-256 | af91853d8e5f0024764f5543a8b80895c57747aa8c34de789911957203c66602; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 236 files
Ubuntu 90 files
Gentoo 31 files
Debian 23 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,077)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,339)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,263)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,651)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

CVE-2023-34966

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems