vulnerability
FreeBSD: VID-9CA85B7C-1B31-11EB-8762-005056A311D1 (CVE-2020-14318): samba -- Multiple Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Oct 29, 2020 | Nov 1, 2020 | Dec 16, 2020 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Oct 29, 2020
Added
Nov 1, 2020
Modified
Dec 16, 2020
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-9CA85B7C-1B31-11EB-8762-005056A311D1:
The Samba Team reports:
CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify
CVE-2020-14323: Unprivileged user can crash winbind
CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records
Solution(s)
freebsd-upgrade-package-samba410freebsd-upgrade-package-samba411freebsd-upgrade-package-samba412freebsd-upgrade-package-samba413
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.