Intrusion Prevention

Samba.DNS.Reply.Flag.DoS

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability in Samba.
The vulnerability is due to insufficient sanitizing when handling a maliciously crafted DNS Query. A remote attacker can exploit this to cause a denial of service condition on vulnerable systems.

Affected Products

Samba Team Samba 4.0.x prior to 4.0.18
Samba Team Samba 4.1.x prior to 4.1.8

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.samba.org/samba/history/security.html

CVE References

CVE-2014-0239