Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2014-0239

The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.

  • Published: May 28, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-0239
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
samba / samba 4.1.0 4.1.8
samba / samba 4.0.0 4.0.18