Vulnerability Description
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samba | Samba | >= 4.0.0, < 4.17.12 |
| Redhat | Storage | 3.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Eus | 9.0 |
| Redhat | Enterprise Linux For Ibm Z Systems | 9.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 9.0_s390x |
| Redhat | Enterprise Linux For Power Little Endian | 9.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 9.0_ppc64le |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2023:6209Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:6744Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:7371
- https://access.redhat.com/errata/RHSA-2023:7408
- https://access.redhat.com/errata/RHSA-2023:7464
- https://access.redhat.com/errata/RHSA-2023:7467
- https://access.redhat.com/security/cve/CVE-2023-42669Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2241884Issue Tracking
- https://bugzilla.samba.org/show_bug.cgi?id=15474Issue Tracking
- https://www.samba.org/samba/security/CVE-2023-42669.htmlVendor Advisory
- https://access.redhat.com/errata/RHSA-2023:6209Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:6744Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:7371
- https://access.redhat.com/errata/RHSA-2023:7408
- https://access.redhat.com/errata/RHSA-2023:7464
FAQ
What is CVE-2023-42669?
CVE-2023-42669 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be block...
How severe is CVE-2023-42669?
CVE-2023-42669 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-42669?
Check the references section above for vendor advisories and patch information. Affected products include: Samba Samba, Redhat Storage, Redhat Enterprise Linux, Redhat Enterprise Linux Eus, Redhat Enterprise Linux For Ibm Z Systems.