Vigil@nce - Samba: denial of service via DNS Reply
June 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send a DNS packet spoofed to appear to come from
another Samba server, generating a ping-pong between the two Samba
servers, in order to trigger a denial of service.
– Impacted products: Samba
– Severity: 2/4
– Creation date: 28/05/2014
DESCRIPTION OF THE VULNERABILITY
The Samba product offers an internal DNS service.
However, before replying to a DNS query, this service does not
check whether the received packet is itself already a reply.
An attacker can therefore send a DNS packet spoofed to appear to
come from another Samba server, generating a ping-pong between the
two Samba servers, in order to trigger a denial of service.
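The missing check, as an added example (not Samba's code and not part of the bulletin): in the DNS header defined by RFC 1035, the QR flag is the top bit of the third byte, and a server should drop any packet that has it set before building a reply of any kind. The function name dns_classify and the sample packets are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* DNS header layout (RFC 1035, section 4.1.1): 12 bytes; the QR flag is the
 * top bit of byte 2 (0 = query, 1 = response). */
#define DNS_HEADER_LEN 12
#define DNS_FLAG_QR    0x80

enum dns_action {
    DNS_DROP,    /* send nothing back */
    DNS_ANSWER   /* hand the packet to the query handler */
};

/* Decide what to do with a received UDP payload before any reply is built.
 * Hypothetical helper for illustration; not a Samba function. */
enum dns_action dns_classify(const uint8_t *pkt, size_t len)
{
    /* Too short to carry a header: there is no trustworthy ID or flags to
     * echo, so stay silent instead of sending an error. */
    if (pkt == NULL || len < DNS_HEADER_LEN)
        return DNS_DROP;

    /* QR set: this is already a reply. Answering it, even with an error
     * code, would give the peer something to answer in turn. */
    if (pkt[2] & DNS_FLAG_QR)
        return DNS_DROP;

    return DNS_ANSWER;
}

/* Constructed sample packets: header only, ID 0x1234, QDCOUNT = 1. */
static const uint8_t sample_query[DNS_HEADER_LEN] =
    { 0x12, 0x34, 0x01, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0, 0 };
static const uint8_t sample_reply[DNS_HEADER_LEN] =
    { 0x12, 0x34, 0x81, 0x80, 0x00, 0x01, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    /* Exit status 0 when the query is answered and the reply is dropped. */
    return !(dns_classify(sample_query, sizeof sample_query) == DNS_ANSWER &&
             dns_classify(sample_reply, sizeof sample_reply) == DNS_DROP);
}
```

The drop is silent on purpose: returning an error response to a packet that is already a reply would keep the exchange going.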
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Samba-denial-of-service-via-DNS-Reply-14812