Korean
<< Back
VID 23321
Severity 30
Port 139
Protocol TCP
Class Samba
Detailed Description The version of Samba running on the remote host is 3.6.x prior to 4.11.15, 4.12.x prior to 4.12.9, or 4.13.x prior to 4.13.1. It is, therefore, potentially affected by multiple vulnerabilities, including the following:

- A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the Winbind service causing denial of service. (CVE-2020-14323)

- A missing permissions check on a directory handle can leak file name information to unprivileged accounts. (CVE-2020-14318)

- An error in Samba's dnsserver RPC pipe when no data is present in the DNS records additional section. An authenticated, non-admin user can exploit this to crash the DNS server by adding invalid records. (CVE-2020-14383)

* References:
https://www.samba.org/samba/security/CVE-2020-14383.html
https://www.samba.org/samba/security/CVE-2020-14323.html
https://www.samba.org/samba/security/CVE-2020-14318.html
https://www.samba.org/samba/history/security.html

* Platforms Affected:
Samba Project, Samba versions 4.13.x before 4.13.1
Linux Any version
Unix Any version
Recommendation Upgrade to the latest version of Samba 4.13.1 or later, available from the Samba Web site at https://www.samba.org/samba/download/
Related URL CVE-2020-14318,CVE-2020-14323,CVE-2020-14383 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)