CVE-2023-42670
Summary
A flaw in Samba allows for multiple incompatible RPC listeners to be initiated, disrupting Active Directory Domain Controller (AD DC) services. This occurs when Samba's RPC server is under heavy load or unresponsive, causing non-AD DC servers to start and compete for the same sockets. The vulnerability can lead to partial query responses and errors when using AD tools.
IFF Assessment
This vulnerability allows an attacker to disrupt critical AD DC services, impacting the availability and integrity of domain controllers.
Severity
Defender Context
This vulnerability in Samba, an open-source implementation of the SMB/CIFS networking protocol, poses a significant risk to environments using it as an AD DC. Defenders should ensure Samba is updated to patch this flaw to prevent service disruptions and potential denial-of-service attacks against domain controllers.