Unrated severityOSV Advisory· Published Mar 6, 2019· Updated Aug 4, 2024

CVE-2019-3824

Description

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.

Affected products

Samba (software)/SambaOSV
Range: ldb-1.1.0, ldb-1.1.10, ldb-1.1.11, …
osv-coords4 versions
pkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.0 pkg:rpm/opensuse/ldb&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
< 1.2.3-lp150.7.2+ 3 more
- (no CPE)range: < 1.2.3-lp150.7.2
- (no CPE)range: < 2.3.0-1.3
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 1.2.3-3.8.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2019-04/msg00035.htmlmitrevendor-advisoryx_refsource_SUSE
usn.ubuntu.com/3895-1/mitrevendor-advisoryx_refsource_UBUNTU
www.debian.org/security/2019/dsa-4397mitrevendor-advisoryx_refsource_DEBIAN
www.securityfocus.com/bid/107347mitrevdb-entryx_refsource_BID
bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
bugzilla.samba.org/show_bug.cgimitrex_refsource_MISC
lists.debian.org/debian-lts-announce/2019/03/msg00000.htmlmitremailing-listx_refsource_MLIST
security.netapp.com/advisory/ntap-20190226-0001/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000