vulnerability
FreeBSD: VID-5f0dd349-40a2-11ea-8d8c-005056a311d1 (CVE-2019-19344): samba -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Jan 27, 2020 | Jan 27, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Jan 27, 2020
Added
Jan 27, 2020
Modified
Dec 10, 2025
Description
The Samba Team reports: CVE-2019-14902 The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers. CVE-2019-14907 When processing untrusted string input Samba can read past the end of the allocated buffer when printing a "Conversion error" message to the logs. CVE-2019-19344 During DNS zone scavenging (of expired dynamic entries) there is a read of memory after it has been freed.
Solutions
freebsd-upgrade-package-samba410freebsd-upgrade-package-samba411
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.