CVE-2018-14629

Published: 27 November 2018

A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
samba
Launchpad, Ubuntu, Debian
Upstream
Released (4.7.12,4.8.7,4.9.3)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2:4.7.6+dfsg~ubuntu-0ubuntu2.5)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2:4.3.11+dfsg-0ubuntu0.16.04.18)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2:4.3.11+dfsg-0ubuntu0.14.04.19)