| VID |
23314 |
| Severity |
30 |
| Port |
139 |
| Protocol |
TCP |
| Class |
Samba |
| Detailed Description |
The version of Samba running on the remote host is 4.x prior to 4.10.17, 4.11.x prior to 4.11.11, or 4.12.x prior to 4.12.4. It is, therefore, affected by multiple vulnerabilities, including the following:
- The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives an empty (zero-length) UDP packet to port 137. (CVE-2020-14303)
- Compression of replies to NetBIOS over TCP/IP name resolution and DNS packets (which can be supplied as UDP requests) can be abused to consume excessive amounts of CPU on the Samba AD DC (only).
(CVE-2020-10745)
- The use of the paged_results or VLV controls against the Global Catalog LDAP server on the AD DC will cause a use-after-free. (CVE-2020-10760)
* References:
https://www.samba.org/samba/security/CVE-2020-10730.html
https://www.samba.org/samba/security/CVE-2020-10760.html
https://www.samba.org/samba/security/CVE-2020-10745.html
https://www.samba.org/samba/security/CVE-2020-14303.html
https://www.samba.org/samba/latest_news.html#4.12.4
* Platforms Affected:
Samba Project, Samba versions 4.10.x before 4.10.17
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Samba 4.10.17 or later, available from the Samba Web site at https://www.samba.org/samba/download/ |
| Related URL |
CVE-2020-10730,CVE-2020-10745,CVE-2020-10760,CVE-2020-14303 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
