CVE-2015-3223

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-3223
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-3223.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2015-3223
Downstream
Related
Published
2015-12-29T22:59:00Z
Modified
2025-08-09T20:01:27Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

The ldbwildcardcompare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

References

Affected packages