CVE-2014-0239

Published: 28 May 2014

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
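The missing QR check described above, as an added example (not Samba's code and not the upstream patch). It uses a simplified model in which a responder echoes the message back with QR set; the function names and sample header bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DNS_HDR_LEN 12
#define DNS_FLAG_QR 0x80 /* top bit of header byte 2: 0 = query, 1 = response */

/* Constructed sample headers: ID 0x1234, RD set, all counts zero. */
static const uint8_t SAMPLE_QUERY[DNS_HDR_LEN] = {0x12, 0x34, 0x01, 0x00};
static const uint8_t SAMPLE_FORGED_RESPONSE[DNS_HDR_LEN] = {0x12, 0x34, 0x81, 0x00};

/* 1 if the message is a query that may be answered; 0 if it must be
 * dropped without a reply (truncated header, or QR already set). */
int dns_should_answer(const uint8_t *msg, size_t len)
{
    return len >= DNS_HDR_LEN && (msg[2] & DNS_FLAG_QR) == 0;
}

/* Simplified responder (assumption): echoes the message with QR set.
 * check_qr = 0 models a server that answers whatever it receives.
 * Returns the reply length, or 0 when nothing is sent. */
size_t dns_respond(const uint8_t *in, size_t len, uint8_t *out, size_t cap, int check_qr)
{
    if (len < DNS_HDR_LEN || len > cap)
        return 0;
    if (check_qr && !dns_should_answer(in, len))
        return 0;
    memcpy(out, in, len);
    out[2] |= DNS_FLAG_QR;
    return len;
}

/* Hand each reply to a second responder of the same kind and count
 * replies sent, stopping at max_hops so the simulation terminates. */
unsigned simulate_exchange(const uint8_t *first, size_t len, int check_qr, unsigned max_hops)
{
    uint8_t cur[512], reply[512];
    unsigned sent = 0;
    if (len > sizeof cur)
        return 0;
    memcpy(cur, first, len);
    while (sent < max_hops && (len = dns_respond(cur, len, reply, sizeof reply, check_qr)) != 0) {
        memcpy(cur, reply, len);
        sent++;
    }
    return sent;
}
```

With the check disabled the reply count is bounded only by `max_hops`; with it enabled a message that already has QR set produces no reply, and a genuine query produces exactly one.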

Priority

Medium

Status

Package / Release / Status

samba (Launchpad, Ubuntu, Debian)
  Upstream                           Released (4.0.18)
  Ubuntu 16.04 ESM (Xenial Xerus)    Not vulnerable (2:4.1.8+dfsg-1ubuntu1)
  Ubuntu 14.04 ESM (Trusty Tahr)     Released (2:4.1.6+dfsg-1ubuntu2.14.04.2)
  Patches:
    Upstream: http://git.samba.org/?p=samba.git;a=commit;h=bb0871c3ec44f6fb5fbd01e0f1522dfd7934cfe5

samba4 (Launchpad, Ubuntu, Debian)
  Upstream                           Needs triage
  Ubuntu 16.04 ESM (Xenial Xerus)    Does not exist
  Ubuntu 14.04 ESM (Trusty Tahr)     Does not exist