Unrated severityNVD Advisory· Published Jun 19, 2019· Updated Aug 4, 2024

CVE-2019-12436

Description

Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.

Affected products

Samba/Sambadescription
osv-coords
pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
Range: < 4.14.6+git.182.2205d5224e3-1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ3LCJNJ3ONHIRKDSKOTT6QGXALLCHVG/mitrevendor-advisoryx_refsource_FEDORA
usn.ubuntu.com/4018-1/mitrevendor-advisoryx_refsource_UBUNTU
www.securityfocus.com/bid/108823mitrevdb-entryx_refsource_BID
www.samba.org/samba/security/CVE-2019-12436.htmlmitrex_refsource_CONFIRM
www.synology.com/security/advisory/Synology_SA_19_27mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000