VYPR

Samba AD LDAP server

by Samba (software)

CVEs (3)

  • CVE-2020-10730MedJul 7, 2020
    risk 0.42cvss 6.5epss 0.02

    A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is…

  • CVE-2022-32746MedAug 25, 2022
    risk 0.35cvss 5.4epss 0.01

    A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as…

  • CVE-2020-10700MedMay 4, 2020
    risk 0.35cvss 5.3epss 0.02

    A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before…