Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

TTCSIRT-185.112718: TT-CSIRT Advisory – Samba Security Updates

27th November 2018

Samba Team has released a security update stating that all versions of Samba from ver 4.0.0 onwards are vulnerable to infinite query recursions caused by CNAME loops.

Attackers can exploit this vulnerability by adding and removing Domain Name Service (DNS) Records by using the ldbadd tool.

Further information on this vulnerability and how it can be mitigated can be found on the Samba Website at https://www.samba.org/samba/security/CVE-2018-14629.html