Intrusion Prevention

Samba.LDAP.AD.DC.Nested.Filter.DoS

Description

This indicates an attack attempt to exploit a Resource Exhaustion Vulnerability in Samba Team Samba.
The vulnerability is due to insufficient handling of deeply nested filters in LDAP requests. A remote attacker can exploit this vulnerability by sending a crafted SearchRequest message. Successful exploitation will result in the samba process running out of stack and terminating abnormally.

Affected Products

Samba Team Samba prior to 4.10.15
Samba Team Samba prior to 4.11.8
Samba Team Samba prior to 4.12.2

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.samba.org/samba/security/CVE-2020-10704.html

CVE References

CVE-2020-10704