vulnerability

FreeBSD: VID-50a1bbc9-fb80-11e9-9e70-005056a311d1 (CVE-2019-14847): samba -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	Oct 29, 2019	Nov 1, 2019	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Oct 29, 2019

Added

Nov 1, 2019

Modified

Dec 10, 2025

Description

The samba project reports: Malicious servers can cause Samba client code to return filenames containing path separators to calling code. When the password contains multi-byte (non-ASCII) characters, the check password script does not receive the full password string. Users with the "get changes" extended access right can crash the AD DC LDAP server by requesting an attribute using the range= syntax.

Solutions

freebsd-upgrade-package-samba48freebsd-upgrade-package-samba410freebsd-upgrade-package-samba411

References

CVE-2019-14847
https://attackerkb.com/topics/CVE-2019-14847
CWE-476

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today