Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2020-0289
HistoryJul 10, 2020 - 11:01 a.m.

Updated samba packages fix security vulnerability

2020-07-1011:01:08
Gentoo Foundation
advisories.mageia.org
18

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.028 Low

EPSS

Percentile

90.7%

JSON

Updated samba packages fix security vulnerabilities: Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10730). Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service (CVE-2020-10745). Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-10760). The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives a empty (zero-length) UDP packet to port 137 (CVE-2020-14303).

OSVersionArchitecturePackageVersionFilename
Mageia7noarchldb< 1.5.8-1ldb-1.5.8-1.mga7
Mageia7noarchsamba< 4.10.17-1samba-4.10.17-1.mga7

Related

nessus 50
cisa 1
fedora 4
altlinux 1
openvas 48
freebsd 1
suse 4
ubuntu 3
gentoo 1
rosalinux 2
debian 3
osv 6
debiancve 4
samba 4
redhatcve 4
prion 4
alpinelinux 4
veracode 4
ubuntucve 4
nvd 4
cve 4
cvelist 4
almalinux 1
redhat 3
oraclelinux 1
nessus
nessus
Fedora 32 : 2:samba / libldb (2020-ccd9bdb2eb)
2020-07-06 00:00:00
Samba 4.x < 4.10.17 / 4.11.x < 4.11.11 / 4.12.x < 4.12.4 Multiple Vulnerabilities
2020-07-09 00:00:00
openSUSE Security Update : samba (openSUSE-2020-984)
2020-07-20 00:00:00
cisa
cisa
Samba Releases Security Updates
2020-07-03 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: samba-4.12.5-0.fc32
2020-07-04 01:14:40
[SECURITY] Fedora 31 Update: samba-4.11.11-0.fc31
2020-07-18 01:09:09
[SECURITY] Fedora 32 Update: libldb-2.1.4-1.fc32
2020-07-04 01:14:40
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.11.11-alt1
2020-07-07 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2476)
2020-11-05 00:00:00
Fedora: Security Advisory for libldb (FEDORA-2020-ccd9bdb2eb)
2020-07-04 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2270)
2020-10-30 00:00:00
freebsd
freebsd
samba -- Multiple Vulnerabilities
2020-07-02 00:00:00
suse
suse
Security update for samba (important)
2020-07-18 00:00:00
Security update for ldb, samba (important)
2020-07-21 00:00:00
Security update for ldb, samba (important)
2020-09-01 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2020-07-02 00:00:00
Samba vulnerability
2020-08-10 00:00:00
Samba vulnerability
2020-08-10 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2020-07-26 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2386
2024-04-02 07:01:49
Advisory ROSA-SA-2021-1967
2021-07-02 18:07:38
debian
debian
[SECURITY] [DLA 2463-1] samba security update
2020-11-23 03:18:54
[SECURITY] [DSA 4884-1] ldb security update
2021-04-02 07:54:04
[SECURITY] [DSA 4884-1] ldb security update
2021-04-02 07:54:04
osv
osv
samba - security update
2020-11-22 00:00:00
CVE-2020-10730
2020-07-07 14:15:10
CVE-2020-10760
2020-07-06 19:15:12
debiancve
debiancve
CVE-2020-14303
2020-07-06 18:15:20
CVE-2020-10760
2020-07-06 19:15:12
CVE-2020-10730
2020-07-07 14:15:10
samba
samba
Empty UDP packet DoS in Samba AD DC nbtd
2020-07-02 00:00:00
LDAP Use-after-free in Samba AD DC Global Catalog with
2020-07-02 00:00:00
Parsing and packing of NBT and DNS packets
2020-07-02 00:00:00
redhatcve
redhatcve
CVE-2020-14303
2020-07-02 09:50:50
CVE-2020-10760
2020-07-02 09:50:50
CVE-2020-10730
2020-07-02 09:50:42
prion
prion
Design/Logic Flaw
2020-07-06 19:15:00
Null pointer dereference
2020-07-07 14:15:00
Design/Logic Flaw
2020-07-06 18:15:00
alpinelinux
alpinelinux
CVE-2020-10760
2020-07-06 19:15:12
CVE-2020-14303
2020-07-06 18:15:20
CVE-2020-10730
2020-07-07 14:15:10
veracode
veracode
Use-after-free
2020-09-07 02:36:41
Denial Of Service (DoS)
2020-09-07 02:39:03
Use-after-Free
2020-07-24 04:08:36
ubuntucve
ubuntucve
CVE-2020-14303
2020-07-06 00:00:00
CVE-2020-10760
2020-07-02 00:00:00
CVE-2020-10730
2020-07-02 00:00:00
nvd
nvd
CVE-2020-14303
2020-07-06 18:15:20
CVE-2020-10760
2020-07-06 19:15:12
CVE-2020-10730
2020-07-07 14:15:10
cve
cve
CVE-2020-10760
2020-07-06 19:15:12
CVE-2020-14303
2020-07-06 18:15:20
CVE-2020-10730
2020-07-07 14:15:10
cvelist
cvelist
CVE-2020-10760
2020-07-06 18:02:10
CVE-2020-14303
2020-07-06 17:12:08
CVE-2020-10730
2020-07-07 13:38:04
almalinux
almalinux
Moderate: libldb security, bug fix, and enhancement update
2020-11-03 12:16:33
redhat
redhat
(RHSA-2020:3119) Moderate: samba security update
2020-07-23 04:26:36
(RHSA-2020:4568) Moderate: libldb security, bug fix, and enhancement update
2020-11-03 12:16:33
(RHSA-2020:3118) Moderate: samba security update
2020-07-23 04:26:33
oraclelinux
oraclelinux
libldb security, bug fix, and enhancement update
2020-11-10 00:00:00

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.028 Low

EPSS

Percentile

90.7%

JSON
Related for MGASA-2020-0289
nessus50cisa1fedora4altlinux1openvas48freebsd1suse4ubuntu3gentoo1rosalinux2debian3osv6debiancve4samba4redhatcve4prion4alpinelinux4veracode4ubuntucve4nvd4cve4cvelist4almalinux1redhat3oraclelinux1