Showing 1 - 4 of 4

CVE-2023-34966

Status Candidate

Overview

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.

Related Files

Red Hat Security Advisory 2024-4101-03: Posted Jun 27, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4101-03 - An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34966; SHA-256 | 6aa512ca07c56fc577256f128940e4c2a27e34e6f5689b0f92e79429b72058b7; Download | Favorite | View

Debian Security Advisory 5647-1: Posted Mar 25, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5647-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, unix, debian; advisories | CVE-2022-2127, CVE-2022-3437, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-4091; SHA-256 | 1bf3eff1b405cc8734e78a924bf59118ea64667832f1c6ee614a890520f6a767; Download | Favorite | View

Gentoo Linux Security Advisory 202402-28: Posted Feb 19, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2018-14628, CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670; SHA-256 | c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12; Download | Favorite | View

Debian Security Advisory 5477-1: Posted Aug 15, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5477-1 - Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, debian; advisories | CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968; SHA-256 | af91853d8e5f0024764f5543a8b80895c57747aa8c34de789911957203c66602; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 260 files
Ubuntu 90 files
indoushka 64 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Debian 15 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,090)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,547)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,646)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,459)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,729)
UNIX (9,433)
UnixWare (187)
Windows (6,670)
Other

CVE-2023-34966

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems