CVE-2020-10745

Опубликовано: 02 июл. 2020

Источник: redhat

CVSS3: 7.5

Описание

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.

A flaw was found in Samba in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.

Отчет

This flaw does not affect the version of samba shipped with Red Hat Enterprise Linux and Red Hat Gluster Storage 3 because there is no support for samba as Active Directory Domain Controller.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	samba	Not affected
Red Hat Enterprise Linux 5	samba3x	Not affected
Red Hat Enterprise Linux 6	samba	Not affected
Red Hat Enterprise Linux 7	samba	Not affected
Red Hat Enterprise Linux 8	samba	Not affected
Red Hat Storage 3	samba	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=1849491samba: Parsing and packing of NBT and DNS packets can consume excessive CPU

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-10745

CVSS3: 7.5

ubuntu

больше 5 лет назад

CVE-2020-10745

CVSS3: 7.5

nvd

больше 5 лет назад

CVE-2020-10745

CVSS3: 7.5

debian

больше 5 лет назад

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 ...

SUSE-SU-2020:2312-1

suse-cvrf

больше 5 лет назад

Security update for samba

SUSE-SU-2020:2066-1

suse-cvrf

больше 5 лет назад

Security update for samba

7.5 High

CVSS3