CVE-2018-14629

2018-11-2814:29:00

Google

osv.dev

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.7%

JSON

A denial of service vulnerability was discovered in Samba’s LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.

CPENameOperatorVersion
sambaeq3.6.1-r0
sambaeq3.5.6-r0
sambaeq4.8.1-r0
sambaeq4.1.15-r0
sambaeq4.1.2-r0
sambaeq4.1.11-r0
sambaeq4.7.6-r0
sambaeq4.8.4-r1
sambaeq3.6.3-r0
sambaeq4.4.3-r0

Name	Operator	Version
samba	eq	3.6.1-r0
samba	eq	3.5.6-r0
samba	eq	4.8.1-r0
samba	eq	4.1.15-r0
samba	eq	4.1.2-r0
samba	eq	4.1.11-r0
samba	eq	4.7.6-r0
samba	eq	4.8.4-r1
samba	eq	3.6.3-r0
samba	eq	4.4.3-r0