Lucene search
Symantec Security ResponseSMNTC-110652HistoryOct 29, 2019 - 12:00 a.m.
Samba CVE-2019-14847 Remote Denial of Service Vulnerability
2019-10-2900:00:00
Symantec Security Response
www.symantec.com
11
Description
Samba is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Samba version 4.0.0 through 4.10.9 are vulnerable.
Technologies Affected
- Samba Samba 4.0.0
- Samba Samba 4.0.1
- Samba Samba 4.0.10
- Samba Samba 4.0.11
- Samba Samba 4.0.12
- Samba Samba 4.0.13
- Samba Samba 4.0.14
- Samba Samba 4.0.15
- Samba Samba 4.0.16
- Samba Samba 4.0.17
- Samba Samba 4.0.18
- Samba Samba 4.0.19
- Samba Samba 4.0.2
- Samba Samba 4.0.20
- Samba Samba 4.0.21
- Samba Samba 4.0.22
- Samba Samba 4.0.23
- Samba Samba 4.0.24
- Samba Samba 4.0.3
- Samba Samba 4.0.4
- Samba Samba 4.0.5
- Samba Samba 4.0.6
- Samba Samba 4.0.7
- Samba Samba 4.0.8
- Samba Samba 4.0.9
- Samba Samba 4.1.0
- Samba Samba 4.1.1
- Samba Samba 4.1.10
- Samba Samba 4.1.11
- Samba Samba 4.1.13
- Samba Samba 4.1.14
- Samba Samba 4.1.15
- Samba Samba 4.1.16
- Samba Samba 4.1.17
- Samba Samba 4.1.18
- Samba Samba 4.1.19
- Samba Samba 4.1.2
- Samba Samba 4.1.20
- Samba Samba 4.1.21
- Samba Samba 4.1.22
- Samba Samba 4.1.23
- Samba Samba 4.1.3
- Samba Samba 4.1.4
- Samba Samba 4.1.5
- Samba Samba 4.1.6
- Samba Samba 4.1.7
- Samba Samba 4.1.8
- Samba Samba 4.1.9
- Samba Samba 4.10
- Samba Samba 4.10.1
- Samba Samba 4.10.2
- Samba Samba 4.10.3
- Samba Samba 4.10.4
- Samba Samba 4.10.5
- Samba Samba 4.10.7
- Samba Samba 4.10.8
- Samba Samba 4.10.9
- Samba Samba 4.2.0
- Samba Samba 4.2.1
- Samba Samba 4.2.10
- Samba Samba 4.2.11
- Samba Samba 4.2.12
- Samba Samba 4.2.13
- Samba Samba 4.2.14
- Samba Samba 4.2.2
- Samba Samba 4.2.3
- Samba Samba 4.2.4
- Samba Samba 4.2.5
- Samba Samba 4.2.6
- Samba Samba 4.2.7
- Samba Samba 4.2.8
- Samba Samba 4.2.9
- Samba Samba 4.3.0
- Samba Samba 4.3.1
- Samba Samba 4.3.10
- Samba Samba 4.3.11
- Samba Samba 4.3.13
- Samba Samba 4.3.2
- Samba Samba 4.3.3
- Samba Samba 4.3.4
- Samba Samba 4.3.5
- Samba Samba 4.3.6
- Samba Samba 4.3.7
- Samba Samba 4.3.8
- Samba Samba 4.3.9
- Samba Samba 4.4.0
- Samba Samba 4.4.1
- Samba Samba 4.4.10
- Samba Samba 4.4.11
- Samba Samba 4.4.12
- Samba Samba 4.4.14
- Samba Samba 4.4.15
- Samba Samba 4.4.16
- Samba Samba 4.4.2
- Samba Samba 4.4.3
- Samba Samba 4.4.4
- Samba Samba 4.4.5
- Samba Samba 4.4.6
- Samba Samba 4.4.7
- Samba Samba 4.4.8
- Samba Samba 4.4.9
- Samba Samba 4.5.0
- Samba Samba 4.5.1
- Samba Samba 4.5.10
- Samba Samba 4.5.12
- Samba Samba 4.5.13
- Samba Samba 4.5.14
- Samba Samba 4.5.15
- Samba Samba 4.5.16
- Samba Samba 4.5.2
- Samba Samba 4.5.3
- Samba Samba 4.5.4
- Samba Samba 4.5.5
- Samba Samba 4.5.6
- Samba Samba 4.5.7
- Samba Samba 4.6.0
- Samba Samba 4.6.1
- Samba Samba 4.6.11
- Samba Samba 4.6.14
- Samba Samba 4.6.16
- Samba Samba 4.6.4
- Samba Samba 4.6.6
- Samba Samba 4.6.7
- Samba Samba 4.6.8
- Samba Samba 4.7.0
- Samba Samba 4.7.1
- Samba Samba 4.7.12
- Samba Samba 4.7.2
- Samba Samba 4.7.3
- Samba Samba 4.7.4
- Samba Samba 4.7.5
- Samba Samba 4.7.6
- Samba Samba 4.7.7
- Samba Samba 4.7.8
- Samba Samba 4.7.9
- Samba Samba 4.8.0
- Samba Samba 4.8.1
- Samba Samba 4.8.10
- Samba Samba 4.8.11
- Samba Samba 4.8.12
- Samba Samba 4.8.2
- Samba Samba 4.8.3
- Samba Samba 4.8.4
- Samba Samba 4.8.6
- Samba Samba 4.8.7
- Samba Samba 4.8.8
- Samba Samba 4.8.9
- Samba Samba 4.9.0
- Samba Samba 4.9.1
- Samba Samba 4.9.12
- Samba Samba 4.9.13
- Samba Samba 4.9.2
- Samba Samba 4.9.3
- Samba Samba 4.9.4
- Samba Samba 4.9.5
- Samba Samba 4.9.6
- Samba Samba 4.9.7
- Samba Samba 4.9.8
- Samba Samba 4.9.9
- Ubuntu Ubuntu Linux 12.04 ESM
- Ubuntu Ubuntu Linux 14.04 ESM
- Ubuntu Ubuntu Linux 16.04 LTS
- Ubuntu Ubuntu Linux 18.04 LTS
- Ubuntu Ubuntu Linux 19.04
- Ubuntu Ubuntu Linux 19.10
Recommendations
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, block access at the network perimeter to computers running the vulnerable application
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.
Updates are available. Please see the references or vendor advisory for more information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| samba samba | eq | 4.3.5 | |
| samba samba | eq | 4.2.2 | |
| samba samba | eq | 4.1.6 | |
| samba samba | eq | 4.0.6 | |
| samba samba | eq | 4.0.22 | |
| samba samba | eq | 4.0.11 | |
| samba samba | eq | 4.6.16 | |
| samba samba | eq | 4.7.9 | |
| samba samba | eq | 4.8.10 | |
| samba samba | eq | 4.4.5 |
References
Related
redhatcve
redhatcve
CVE-2019-14847
2019-10-30 05:25:31
osv
osv
CVE-2019-14847
2019-11-06 10:15:10
samba - security update
2023-09-12 00:00:00
samba - security update
2021-05-29 00:00:00
ubuntucve
ubuntucve
CVE-2019-14847
2019-10-29 00:00:00
prion
prion
Code injection
2019-11-06 10:15:00
samba
samba
User with "get changes" permission can
2019-10-29 00:00:00
alpinelinux
alpinelinux
CVE-2019-14847
2019-11-06 10:15:00
nessus
nessus
Samba 4.x < 4.9.15 / 4.10.x < 4.10.10 AD DC LDAP Server Denial of Service (CVE-2019-14847)
2019-11-08 00:00:00
EulerOS 2.0 SP8 : samba (EulerOS-SA-2019-2303)
2019-11-27 00:00:00
EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-2547)
2019-12-09 00:00:00
debiancve
debiancve
CVE-2019-14847
2019-11-06 10:15:00
cve
cve
CVE-2019-14847
2019-11-06 10:15:00
openvas
openvas
Samba DoS Vulnerability (CVE-2019-14847)
2019-10-30 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2303)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-4167-2)
2022-08-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:36:10
ubuntu
ubuntu
Samba vulnerabilities
2019-10-29 00:00:00
Samba vulnerabilities
2019-10-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package samba-DC version 4.9.15-alt1
2019-11-05 00:00:00
Security fix for the ALT Linux 10 package samba version 4.10.10-alt1
2019-10-29 00:00:00
Security fix for the ALT Linux 8 package samba version 4.9.15-alt1
2019-11-05 00:00:00
ibm
ibm
cisa
cisa
Samba Releases Security Updates
2019-10-29 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2019-09-29 00:00:00
suse
suse
Security update for samba (important)
2019-11-09 00:00:00
Security update for samba (important)
2019-11-05 00:00:00
archlinux
archlinux
[ASA-201911-6] samba: multiple issues
2019-11-03 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2019-12-19 16:44:26
fedora
fedora
[SECURITY] Fedora 30 Update: samba-4.10.10-0.fc30
2019-11-16 01:04:31
[SECURITY] Fedora 30 Update: samba-4.10.11-0.fc30
2020-01-03 20:36:23
[SECURITY] Fedora 30 Update: samba-4.10.13-0.fc30
2020-02-08 01:39:00
debian
debian
[SECURITY] [DLA 3563-1] samba security update
2023-09-14 14:43:46
[SECURITY] [DLA 2668-1] samba security update
2021-05-29 11:11:49
Related for SMNTC-110652