How severe is CVE-2020-10704?

CVE-2020-10704 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-10704

Name: fedora
Author: fedoraproject

7.5HIGH

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can

公開日: 5/6/2020更新日: 11/21/2024

説明

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

AI分析AIによる分析

影響を受ける製品

sambasamba

fedoraprojectfedora

opensuseleap

15.2

debiandebian_linux

9.0

参照

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html
Mailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html
Mailing ListThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10704
Issue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
Mailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4/
https://security.gentoo.org/glsa/202007-15
Third Party Advisory
https://www.samba.org/samba/security/CVE-2020-10704.html
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html
Mailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html
Mailing ListThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10704
Issue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
Mailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4/
https://security.gentoo.org/glsa/202007-15
Third Party Advisory
https://www.samba.org/samba/security/CVE-2020-10704.html
Vendor Advisory