CVE-2014-0244
samba: nmbd denial of service
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
La función sys_recvfrom en nmbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un paquete UDP malformado.
A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time.
In Samba before 3.6.23, the SAMR server neglects to ensure that attempted password changes will update the bad password count, and does not set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly. This is available without any other authentication. Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS ame service. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are affected by a denial of service crash involving overwriting memory on an authenticated connection to the smbd file server. An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-12-03 CVE Reserved
- 2014-06-23 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (24)
| URL | Tag | Source |
|---|---|---|
| http://advisories.mageia.org/MGASA-2014-0279.html | X_refsource_confirm | |
| http://linux.oracle.com/errata/ELSA-2014-0866.html | X_refsource_confirm | |
| http://secunia.com/advisories/59378 | Third Party Advisory | |
| http://secunia.com/advisories/59407 | Third Party Advisory | |
| http://secunia.com/advisories/59433 | Third Party Advisory | |
| http://secunia.com/advisories/59579 | Third Party Advisory | |
| http://secunia.com/advisories/59834 | Third Party Advisory | |
| http://secunia.com/advisories/59848 | Third Party Advisory | |
| http://secunia.com/advisories/59919 | Third Party Advisory | |
| http://secunia.com/advisories/61218 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/532757/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/68148 | Vdb Entry | |
| http://www.securitytracker.com/id/1030455 | Vdb Entry | |
| https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1 | X_refsource_confirm | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.0 Search vendor "Samba" for product "Samba" and version "4.1.0" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.1 Search vendor "Samba" for product "Samba" and version "4.1.1" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.2 Search vendor "Samba" for product "Samba" and version "4.1.2" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.3 Search vendor "Samba" for product "Samba" and version "4.1.3" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.4 Search vendor "Samba" for product "Samba" and version "4.1.4" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.5 Search vendor "Samba" for product "Samba" and version "4.1.5" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.6 Search vendor "Samba" for product "Samba" and version "4.1.6" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.7 Search vendor "Samba" for product "Samba" and version "4.1.7" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.1.8 Search vendor "Samba" for product "Samba" and version "4.1.8" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.0 Search vendor "Samba" for product "Samba" and version "4.0.0" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.1 Search vendor "Samba" for product "Samba" and version "4.0.1" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.2 Search vendor "Samba" for product "Samba" and version "4.0.2" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.3 Search vendor "Samba" for product "Samba" and version "4.0.3" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.4 Search vendor "Samba" for product "Samba" and version "4.0.4" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.5 Search vendor "Samba" for product "Samba" and version "4.0.5" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.6 Search vendor "Samba" for product "Samba" and version "4.0.6" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.7 Search vendor "Samba" for product "Samba" and version "4.0.7" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.8 Search vendor "Samba" for product "Samba" and version "4.0.8" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.9 Search vendor "Samba" for product "Samba" and version "4.0.9" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.10 Search vendor "Samba" for product "Samba" and version "4.0.10" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.11 Search vendor "Samba" for product "Samba" and version "4.0.11" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.12 Search vendor "Samba" for product "Samba" and version "4.0.12" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.13 Search vendor "Samba" for product "Samba" and version "4.0.13" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.14 Search vendor "Samba" for product "Samba" and version "4.0.14" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.15 Search vendor "Samba" for product "Samba" and version "4.0.15" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.16 Search vendor "Samba" for product "Samba" and version "4.0.16" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.17 Search vendor "Samba" for product "Samba" and version "4.0.17" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 4.0.18 Search vendor "Samba" for product "Samba" and version "4.0.18" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.0 Search vendor "Samba" for product "Samba" and version "3.6.0" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.1 Search vendor "Samba" for product "Samba" and version "3.6.1" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.2 Search vendor "Samba" for product "Samba" and version "3.6.2" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.3 Search vendor "Samba" for product "Samba" and version "3.6.3" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.4 Search vendor "Samba" for product "Samba" and version "3.6.4" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.5 Search vendor "Samba" for product "Samba" and version "3.6.5" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.6 Search vendor "Samba" for product "Samba" and version "3.6.6" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.7 Search vendor "Samba" for product "Samba" and version "3.6.7" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.8 Search vendor "Samba" for product "Samba" and version "3.6.8" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.9 Search vendor "Samba" for product "Samba" and version "3.6.9" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.10 Search vendor "Samba" for product "Samba" and version "3.6.10" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.11 Search vendor "Samba" for product "Samba" and version "3.6.11" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.12 Search vendor "Samba" for product "Samba" and version "3.6.12" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.13 Search vendor "Samba" for product "Samba" and version "3.6.13" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.14 Search vendor "Samba" for product "Samba" and version "3.6.14" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.15 Search vendor "Samba" for product "Samba" and version "3.6.15" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.16 Search vendor "Samba" for product "Samba" and version "3.6.16" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.17 Search vendor "Samba" for product "Samba" and version "3.6.17" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.18 Search vendor "Samba" for product "Samba" and version "3.6.18" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.19 Search vendor "Samba" for product "Samba" and version "3.6.19" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.20 Search vendor "Samba" for product "Samba" and version "3.6.20" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.21 Search vendor "Samba" for product "Samba" and version "3.6.21" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.22 Search vendor "Samba" for product "Samba" and version "3.6.22" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | 3.6.23 Search vendor "Samba" for product "Samba" and version "3.6.23" | - |
Affected
| ||||||