vulnerability
FreeBSD: VID-1F6D97DA-8F72-11EB-B3F1-005056A311D1 (CVE-2020-27840): samba -- Multiple Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | 2021-03-24 | 2021-03-28 | 2021-06-03 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2021-03-24
Added
2021-03-28
Modified
2021-06-03
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-1F6D97DA-8F72-11EB-B3F1-005056A311D1:
The Samba Team reports:
CVE-2020-27840: An anonymous attacker can crash the Samba AD DC
LDAP server by sending easily crafted DNs as
part of a bind request. More serious heap corruption
is likely also possible.
CVE-2021-20277: User-controlled LDAP filter strings against
the AD DC LDAP server may crash the LDAP server.
Solution(s)
freebsd-upgrade-package-samba411freebsd-upgrade-package-samba412freebsd-upgrade-package-samba413freebsd-upgrade-package-samba414
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.