VDB
DEBIAN-CVE-2014-0239
DEBIAN-CVE-2014-0239
PUBLISHED
CVSS 8.699999809265137 HIGH
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | samba | 0, 0, 0 |
| Debian:11 | samba | 0, 0, 0 |
| Debian:13 | samba | 0, 0, 0 |
| Debian:14 | samba | 0, 0, 0 |
Timeline
- May 28, 2014 CVE Published
- Apr 28, 2026 CVE Updated