Unrated severityNVD Advisory· Published May 28, 2014· Updated Jun 17, 2026
CVE-2014-0239
CVE-2014-0239
Description
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: >=4.0.0,<4.0.18
- (no CPE)range: <4.0.18
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/59579nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201502-15.xmlnvdThird Party Advisory
- www.samba.org/samba/security/CVE-2014-0239nvdVendor Advisory
- www.securityfocus.com/bid/67691nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1030309nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.