← voltar
CVE-2023-42669

Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc

CVSS 6.5 MEDIUMEPSS 1.7%CWE-400
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.5EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
06 nov 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
sambaRed Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Storage 3Red Hat · Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2023:6209https://access.redhat.com/errata/RHSA-2023:6744https://access.redhat.com/errata/RHSA-2023:7371https://access.redhat.com/errata/RHSA-2023:7408https://access.redhat.com/errata/RHSA-2023:7464https://access.redhat.com/errata/RHSA-2023:7467https://access.redhat.com/security/cve/CVE-2023-42669https://bugzilla.redhat.com/show_bug.cgi?id=2241884https://bugzilla.samba.org/show_bug.cgi?id=15474https://security.netapp.com/advisory/ntap-20231124-0002/https://www.samba.org/samba/security/CVE-2023-42669.html