TTCSIRT-185.112718: TT-CSIRT Advisory – Samba Security Updates
Samba Team has released a security update stating that all versions of Samba from ver 4.0.0 onwards are vulnerable to infinite query recursions caused by CNAME loops.
Attackers can exploit this vulnerability by adding and removing Domain Name Service (DNS) Records by using the ldbadd tool.
Further information on this vulnerability and how it can be mitigated can be found on the Samba Website at https://www.samba.org/samba/security/CVE-2018-14629.html |