CVE-2020-10745 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP and DNS paclets. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1202 | samba | 4.12.3-2 | 4.12.6-1 | High | Fixed |
Notes |
---|
The vulnerable DNS server (port 53) and NBT server (port 139) is only provided when Samba runs as an Active Directory DC. The implementation provided by nmbd in the file-server configuration is not subject to this issue. In the AD DC, the NBT server can be disabled with 'disable netbios = yes'. |