Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samba 内部DNS服务器输入验证错误漏洞
Vulnerability Description
Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba 4.0.18之前的4.x版本中的内部DNS服务器中存在安全漏洞,该漏洞源于当处理请求时,程序没有检查DNS报文头信息中的‘reply’标志。远程攻击者可通过发送伪造的应答数据包利用该漏洞造成拒绝服务(CPU和带宽消耗)。
CVSS Information
N/A
Vulnerability Type
N/A