vulnerability
FreeBSD: VID-3C7911C9-8A29-11EA-8D8C-005056A311D1 (CVE-2020-10704): samba -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Apr 28, 2020 | Apr 30, 2020 | Oct 20, 2020 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Apr 28, 2020
Added
Apr 30, 2020
Modified
Oct 20, 2020
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-3C7911C9-8A29-11EA-8D8C-005056A311D1:
The Samba Team reports:
CVE-2020-10700
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
CVE-2020-10704
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
Solution(s)
freebsd-upgrade-package-samba410freebsd-upgrade-package-samba411freebsd-upgrade-package-samba412
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.