Unrated severity · NVD Advisory · Published Nov 6, 2019 · Updated Aug 5, 2024
CVE-2019-14847
Description
A flaw was found in Samba 4.0.0 before 4.9.15 and Samba 4.10.x before 4.10.10. An attacker can crash the AD DC LDAP server via dirsync, resulting in denial of service. Privilege escalation is not possible with this issue.
Affected products
osv-coords (17 versions):
- pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.0 (no CPE), range: < 4.7.11+git.186.d75219614c3-lp150.3.18.2
- pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.1 (no CPE), range: < 4.9.5+git.210.ab0549acb05-lp151.2.9.1
- pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed (no CPE), range: < 4.14.6+git.182.2205d5224e3-1.1
- pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 1.5.8-3.5.1
- pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 1.5.8-3.5.1
- pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 1.5.8-3.5.1
- pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%206 (no CPE), range: < 4.9.5+git.210.ab0549acb05-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5 (no CPE), range: < 4.10.17+git.203.862547088ca-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015 (no CPE), range: < 4.7.11+git.186.d75219614c3-4.30.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1 (no CPE), range: < 4.9.5+git.210.ab0549acb05-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 (no CPE), range: < 4.7.11+git.186.d75219614c3-4.30.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1 (no CPE), range: < 4.9.5+git.210.ab0549acb05-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015 (no CPE), range: < 4.7.11+git.186.d75219614c3-4.30.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1 (no CPE), range: < 4.9.5+git.210.ab0549acb05-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 4.10.17+git.203.862547088ca-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 4.10.17+git.203.862547088ca-3.14.1
- pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 4.10.17+git.203.862547088ca-3.14.1
- Range: samba 4.0.0 before samba 4.9.15, samba 4.10.x before 4.10.10
Patches
No patches discovered yet.
References
- lists.opensuse.org/opensuse-security-announce/2019-11/msg00015.html (mitre, vendor-advisory)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKPYHDFI7HRELVXBE5J4MTGSI35AKFBI/ (mitre, vendor-advisory)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQ3IUACPZJXSC4OM6P2V4IC4QMZQZWPD/ (mitre, vendor-advisory)
- lists.debian.org/debian-lts-announce/2021/05/msg00023.html (mitre, mailing-list)
- lists.debian.org/debian-lts-announce/2023/09/msg00013.html (mitre, mailing-list)
- bugzilla.redhat.com/show_bug.cgi (mitre)
- www.samba.org/samba/security/CVE-2019-14847.html (mitre)
- www.synology.com/security/advisory/Synology_SA_19_35 (mitre)