Signature Detail
Short Name |
SMB:SAMBA:READ-NTTRANS-EA-LIST |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Samba smbd read_nttrans_ea_list Infinite Allocation Loop DOS |
Release Date |
2013/10/24 |
Update Number |
2313 |
Supported Platforms |
idp-4.1.110110609+, isg-3.4.139899+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Samba smbd read_nttrans_ea_list Infinite Allocation Loop DOS
This signature detects attempts to exploit a known vulnerability against Samba Server. A successful attack can result in a denial-of-service condition.
Extended Description
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Affected Products
- canonical ubuntu_linux 10.04 (-:lts)
- canonical ubuntu_linux 12.04 (-:lts)
- canonical ubuntu_linux 12.10
- canonical ubuntu_linux 13.04
- fedoraproject fedora 18
- fedoraproject fedora 19
- novell opensuse 12.2
- novell opensuse 12.3
- redhat enterprise_linux 5
- samba 3.0
- samba 3.0.0
- samba 3.0.1
- samba 3.0.10
- samba 3.0.11
- samba 3.0.12
- samba 3.0.13
- samba 3.0.14a
- samba 3.0.14 (a)
- samba 3.0.15
- samba 3.0.16
- samba 3.0.17
- samba 3.0.18
- samba 3.0.19
- samba 3.0.20a
- samba 3.0.20 (a)
- samba 3.0.20b
- samba 3.0.20 (b)
- samba 3.0.21a
- samba 3.0.21 (a)
- samba 3.0.21b
- samba 3.0.21 (b)
- samba 3.0.21c
- samba 3.0.21 (c)
- samba 3.0.22
- samba 3.0.23a
- samba 3.0.23 (a)
- samba 3.0.23b
- samba 3.0.23 (b)
- samba 3.0.23c
- samba 3.0.23 (c)
- samba 3.0.23d
- samba 3.0.23 (d)
- samba 3.0.24
- samba 3.0.25a
- samba 3.0.25 (a)
- samba 3.0.25b
- samba 3.0.25 (b)
- samba 3.0.25c
- samba 3.0.25 (c)
- samba 3.0.25 (pre1)
- samba 3.0.25 (pre2)
- samba 3.0.25 (rc1)
- samba 3.0.25 (rc2)
- samba 3.0.25 (rc3)
- samba 3.0.26a
- samba 3.0.26 (a)
- samba 3.0.27 (a)
- samba 3.0.28 (a)
- samba 3.0.29
- samba 3.0.2a
- samba 3.0.2 (a)
- samba 3.0.3
- samba 3.0.30
- samba 3.0.31
- samba 3.0.32
- samba 3.0.33
- samba 3.0.34
- samba 3.0.35
- samba 3.0.36
- samba 3.0.37
- samba 3.0.4 (rc1)
- samba 3.0.5
- samba 3.0.6
- samba 3.0.7
- samba 3.0.8
- samba 3.0.9
- samba 3.1
- samba 3.2.0
- samba 3.2.1
- samba 3.2.10
- samba 3.2.11
- samba 3.2.12
- samba 3.2.13
- samba 3.2.14
- samba 3.2.15
- samba 3.2.2
- samba 3.2.3
- samba 3.2.4
- samba 3.2.5
- samba 3.2.6
- samba 3.2.7
- samba 3.2.8
- samba 3.2.9
- samba 3.3.0
- samba 3.3.1
- samba 3.3.10
- samba 3.3.11
- samba 3.3.12
- samba 3.3.13
- samba 3.3.14
- samba 3.3.15
- samba 3.3.16
- samba 3.3.2
- samba 3.3.3
- samba 3.3.4
- samba 3.3.5
- samba 3.3.6
- samba 3.3.7
- samba 3.3.8
- samba 3.3.9
- samba 3.4.0
- samba 3.4.1
- samba 3.4.10
- samba 3.4.11
- samba 3.4.12
- samba 3.4.13
- samba 3.4.14
- samba 3.4.15
- samba 3.4.16
- samba 3.4.17
- samba 3.4.2
- samba 3.4.3
- samba 3.4.4
- samba 3.4.5
- samba 3.4.6
- samba 3.4.7
- samba 3.4.8
- samba 3.4.9
- samba 3.5.0
- samba 3.5.1
- samba 3.5.10
- samba 3.5.11
- samba 3.5.12
- samba 3.5.13
- samba 3.5.14
- samba 3.5.15
- samba 3.5.16
- samba 3.5.17
- samba 3.5.18
- samba 3.5.19
- samba 3.5.2
- samba 3.5.20
- samba 3.5.21
- samba 3.6.0
- samba 3.6.1
- samba 3.6.10
- samba 3.6.11
- samba 3.6.12
- samba 3.6.13
- samba 3.6.14
- samba 3.6.15
- samba 3.6.16
- samba 3.6.2
- samba 3.6.3
- samba 3.6.4
- samba 3.6.5
- samba 3.6.6
- samba 3.6.7
- samba 3.6.8
- samba 3.6.9
- samba 4.0.0
- samba 4.0.1
- samba 4.0.2
- samba 4.0.3
- samba 4.0.4
- samba 4.0.5
- samba 4.0.6
- samba 4.0.7
References
- CVE: CVE-2013-4124