Samba ldb_wildcard_compare Out-of-Bounds Read Denial of Service Vulnerability [CVE-2019-3824]

CVE Number – CVE-2019-3824

A vulnerability in the ldb_wildcard_compare function of Samba could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.The vulnerability is due to an out-of-bounds read error in the ldb_wildcard_compare function of the affected software when issuing a specific search expression. An attacker could exploit this vulnerability by using a specific search expression passed to the affected software. A successful exploit could allow the attacker to crash the shared Lightweight Directory Access Protocol (LDAP) process of Samba, resulting in a DoS condition on the targeted system.Samba has confirmed this vulnerability and released software updates.

Analysis

• To successfully exploit this vulnerability, the attacker must have network access and be an authenticated user in order to submit searches to the targeted system. These requirements could reduce the likelihood of a successful exploit.

Safeguards

• Administrators are advised to apply the appropriate updates.Administrators are advised to allow only trusted users to have network access.Administrators are advised to run both firewall and antivirus applications to minimize the potential of inbound and outbound threats.Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.Administrators can help protect affected systems from external attacks by using a solid firewall strategy.Administrators are advised to monitor affected systems.

Vendor Announcements

• Samba has released a security announcement at the following link: Out of bound read in ldb_wildcard_compare
  

Fixed Software

• Samba has released software patches at the following link: Samba Security Releases