PT-2021-2610 · Samba+6 · Samba+6

Published

2021-03-24

·

Updated

2024-06-15

·

CVE-2020-27840

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)
Description The issue is related to a buffer overflow, where data can be read beyond the specified buffer, potentially allowing a remote attacker to cause the application to crash. The threat posed by this issue is primarily to system availability. It involves the handling of domain names (DN) with spaces, which can lead to invalid DN strings and the writing of a zero-byte into out-of-bounds memory.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2021-1548
ALT-PU-2021-1556
ALT-PU-2021-1568
ALT-PU-2021-1580
ALT-PU-2021-2045
ALT-PU-2021-2081
AZL-36997
AZL-45414
AZL-7351
BDU:2021-02099
CVE-2020-27840
DLA-2611-1
DSA-4884-1
ECHO-3B38-C4B7-F66D
MGASA-2021-0287
OESA-2021-1207
OPENSUSE-SU-2021:0469-1
OPENSUSE-SU-2021:0636-1
OPENSUSE-SU-2021:3187-1
OPENSUSE-SU-2021_0469-1
OPENSUSE-SU-2021_0636-1
OPENSUSE-SU-2021_3187-1
OPENSUSE-SU-2022:0283-1
OPENSUSE-SU-2022_0283-1
OPENSUSE-SU-2024:10911-1
OPENSUSE-SU-2024:11365-1
SUSE-SU-2021:0944-1
SUSE-SU-2021:0945-1
SUSE-SU-2021:1440-1
SUSE-SU-2021:1444-1
SUSE-SU-2021:1498-1
SUSE-SU-2021:3187-1
SUSE-SU-2021_0944-1
SUSE-SU-2021_0945-1
SUSE-SU-2021_1444-1
SUSE-SU-2021_1498-1
SUSE-SU-2021_3187-1
SUSE-SU-2022:0283-1
USN-4888-1
USN-4888-2

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Samba
Suse
Ubuntu