ldb: Denial of Service Attack on DNS and LDAP server (CVE-2018-1140)
Missing input sanitization checks on some of the input parameters to
LDB database layer cause the LDAP server and DNS server to crash when
following a NULL pointer.
Fixed In Version:
ldb 1.4.1, ldb 1.3.5
References:
https://www.samba.org/samba/security/CVE-2018-1140.html
https://www.samba.org/samba/history/security.html
(from redmine: issue id 9254, created on 2018-08-16, closed on 2018-08-23)
- Relations:
- copied_to #9255 (closed)
- copied_to #9256 (closed)
- copied_to #9257 (closed)
- copied_to #9258 (closed)
- copied_to #9259 (closed)
- child #9255 (closed)
- child #9256 (closed)
- child #9257 (closed)
- child #9258 (closed)
- child #9259 (closed)