7.5

CVE-2020-14303

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SambaSamba Version >= 4.10.0 < 4.10.17
SambaSamba Version >= 4.11.0 < 4.11.11
SambaSamba Version >= 4.12.0 < 4.12.4
FedoraprojectFedora Version31
OpensuseLeap Version15.1
OpensuseLeap Version15.2
DebianDebian Linux Version9.0
CanonicalUbuntu Linux Version12.04 SwEdition-
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version16.04 SwEditionesm
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version20.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.54% 0.878
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-834 Excessive Iteration

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/202007-15
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00030.html
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=1851298%3B
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YLNQ5GRXUKYRUAOFZ4DUBVN4SMTL6Q2/
https://security.netapp.com/advisory/ntap-20200709-0003/
Third Party Advisory
https://usn.ubuntu.com/4454-1/
Third Party Advisory
https://usn.ubuntu.com/4454-2/
Third Party Advisory
https://www.samba.org/samba/security/CVE-2020-14303.html
Vendor Advisory