Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-42669

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.

Published

2023-11-06T07:15:09.137

Last Modified

2024-11-21T08:22:55.443

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-400
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	samba	samba	< 4.17.12	Yes
Application	samba	samba	< 4.18.8	Yes
Application	samba	samba	< 4.19.1	Yes
Application	redhat	storage	3.0	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	redhat	enterprise_linux_eus	9.0	Yes
Operating System	redhat	enterprise_linux_for_ibm_z_systems	9.0_s390x	Yes
Operating System	redhat	enterprise_linux_for_ibm_z_systems_eus	9.0_s390x	Yes
Operating System	redhat	enterprise_linux_for_power_little_endian	9.0_ppc64le	Yes
Operating System	redhat	enterprise_linux_for_power_little_endian_eus	9.0_ppc64le	Yes

References

https://access.redhat.com/errata/RHSA-2023:6209 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6744 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:7371 ([email protected])
https://access.redhat.com/errata/RHSA-2023:7408 ([email protected])
https://access.redhat.com/errata/RHSA-2023:7464 ([email protected])
https://access.redhat.com/errata/RHSA-2023:7467 ([email protected])
https://access.redhat.com/security/cve/CVE-2023-42669 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2241884 Issue Tracking ([email protected])
https://bugzilla.samba.org/show_bug.cgi?id=15474 Issue Tracking ([email protected])
https://www.samba.org/samba/security/CVE-2023-42669.html Vendor Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6209 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:6744 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7371 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7408 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7464 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7467 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-42669 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2241884 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.samba.org/show_bug.cgi?id=15474 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20231124-0002/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.samba.org/samba/security/CVE-2023-42669.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)