FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

samba -- Multiple Vulnerabilities

Affected packages
	samba410	<=	4.10.18
	samba411	<	4.11.15
	samba412	<	4.12.9
	samba413	<	4.13.1

Details

VuXML ID	9ca85b7c-1b31-11eb-8762-005056a311d1
Discovery	2020-10-29
Entry	2020-10-30

The Samba Team reports:

CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify

CVE-2020-14323: Unprivileged user can crash winbind

CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records

[source]

References

CVE Name	CVE-2020-14318
CVE Name	CVE-2020-14323
CVE Name	CVE-2020-14383
URL	https://www.samba.org/samba/security/CVE-2020-14318.html
URL	https://www.samba.org/samba/security/CVE-2020-14323.html
URL	https://www.samba.org/samba/security/CVE-2020-14383.html