6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.
References
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-42669.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-42669 x_refsource_REDHAT vdb-entry
- RHBZ#2241884 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15474
Affected products
- ==4.18.8
- ==4.17.12
- <4.17.12
- <4.18.8
- *
- ==4.19.0
- ==4.19.1
Matching in nixpkgs
pkgs.samba4
Standard Windows interoperability suite of programs for Linux and Unix
- nixos-unstable -
- nixpkgs-unstable 4.22.3
pkgs.sambaFull
Standard Windows interoperability suite of programs for Linux and Unix
- nixos-unstable -
- nixpkgs-unstable 4.22.3
pkgs.samba4Full
Standard Windows interoperability suite of programs for Linux and Unix
- nixos-unstable -
- nixpkgs-unstable 4.22.3
Package maintainers
- @aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
- @jbedo Justin Bedő <cu@cua0.org>