CVE-2023-42670

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation "classic DCs") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as "The procedure number is out of range" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

History

06 Nov 2024, 15:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/', 'tags': ['Mailing List'], 'source': 'secalert@redhat.com'}
  • {'url': 'https://security.netapp.com/advisory/ntap-20231124-0002/', 'source': 'secalert@redhat.com'}

24 Nov 2023, 09:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20231124-0002/ -

13 Nov 2023, 20:02

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References (MISC) https://www.samba.org/samba/security/CVE-2023-42670.html - (MISC) https://www.samba.org/samba/security/CVE-2023-42670.html - Vendor Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ - Mailing List
References (MISC) https://access.redhat.com/security/cve/CVE-2023-42670 - (MISC) https://access.redhat.com/security/cve/CVE-2023-42670 - Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2241885 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2241885 - Issue Tracking
References (MISC) https://bugzilla.samba.org/show_bug.cgi?id=15473 - (MISC) https://bugzilla.samba.org/show_bug.cgi?id=15473 - Issue Tracking
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
First Time Fedoraproject
Samba samba
Fedoraproject fedora
Samba
CPE cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

03 Nov 2023, 22:15

Type Values Removed Values Added
References
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ -

03 Nov 2023, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-03 08:15

Updated : 2024-11-06 15:15


NVD link : CVE-2023-42670

Mitre link : CVE-2023-42670

CVE.ORG link : CVE-2023-42670


JSON object : View

Products Affected

samba

  • samba

fedoraproject

  • fedora
CWE
NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption