PT-2020-6707 · Samba+5 · Samba+5

Published

2020-10-29

Updated

2024-06-15

CVE-2020-14383

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions samba (affected versions not specified)

Description A flaw was found in samba's DNS server, allowing an authenticated user to crash the RPC server. Although the RPC server will be restarted after a short delay, it can be easily crashed again by an authenticated non-administrative attacker as soon as it returns. The Samba DNS server will continue to operate, but many RPC services will not. The issue is related to an uninitialised memory dereference, enabling attackers to cause the RPC server to crash.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-391

Related Identifiers

ALT-PU-2020-3188

ALT-PU-2020-3215

ALT-PU-2020-3271

ALT-PU-2020-3406

ALT-PU-2021-1580

AZL-36990

AZL-7349

BDU:2022-05695

CVE-2020-14383

DLA-2463-1

DLA-3792-1

ECHO-9156-CE37-B9E6

MGASA-2020-0410

OPENSUSE-SU-2020:1811-1

OPENSUSE-SU-2020:1819-1

OPENSUSE-SU-2020_1811-1

OPENSUSE-SU-2020_1819-1

OPENSUSE-SU-2024:11365-1

SUSE-SU-2020:3081-1

SUSE-SU-2020:3082-1

SUSE-SU-2020:3087-1

SUSE-SU-2020:3092-1

SUSE-SU-2020:3093-1

SUSE-SU-2021:0185-1

USN-4611-1

USN-4931-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Samba

Suse

Ubuntu

PT-2020-6707 · Samba+5 · Samba+5

CVE-2020-14383

Weakness Enumeration

Related Identifiers

Affected Products

References · 147