CVE-2023-42669

medium

Description

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.

References

https://www.samba.org/samba/security/CVE-2023-42669.html

https://bugzilla.samba.org/show_bug.cgi?id=15474

https://bugzilla.redhat.com/show_bug.cgi?id=2241884

https://access.redhat.com/security/cve/CVE-2023-42669

https://access.redhat.com/errata/RHSA-2023:7467

https://access.redhat.com/errata/RHSA-2023:7464

https://access.redhat.com/errata/RHSA-2023:7408

https://access.redhat.com/errata/RHSA-2023:7371

https://access.redhat.com/errata/RHSA-2023:6744

https://access.redhat.com/errata/RHSA-2023:6209

Details

Source: Mitre, NVD

Published: 2023-11-06

Updated: 2024-09-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium