{"id":"MGASA-2020-0289","summary":"Updated samba packages fix security vulnerability","details":"Updated samba packages fix security vulnerabilities:\n\nAndrew Bartlett discovered that Samba incorrectly handled certain LDAP\nqueries. A remote attacker could use this issue to cause Samba to crash,\nresulting in a denial of service, or possibly execute arbitrary code\n(CVE-2020-10730).\n\nDouglas Bagnall discovered that Samba incorrectly handled certain queries.\nA remote attacker could possibly use this issue to cause a denial of\nservice (CVE-2020-10745).\n\nAndrei Popa discovered that Samba incorrectly handled certain LDAP\nqueries. A remote attacker could use this issue to cause Samba to crash,\nresulting in a denial of service, or possibly execute arbitrary code \n(CVE-2020-10760).\n\nThe AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further\nrequests once it receives a empty (zero-length) UDP packet to port 137\n(CVE-2020-14303).\n","modified":"2026-01-31T09:01:16.758337Z","published":"2020-07-10T08:01:08Z","related":["CVE-2020-10730","CVE-2020-10745","CVE-2020-10760","CVE-2020-14303"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0289.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26893"},{"type":"REPORT","url":"https://www.samba.org/samba/security/CVE-2020-10730.html"},{"type":"REPORT","url":"https://www.samba.org/samba/security/CVE-2020-10745.html"},{"type":"REPORT","url":"https://www.samba.org/samba/security/CVE-2020-10760.html"},{"type":"REPORT","url":"https://www.samba.org/samba/security/CVE-2020-14303.html"},{"type":"REPORT","url":"https://www.samba.org/samba/history/samba-4.10.17.html"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-4409-1"}],"affected":[{"package":{"name":"ldb","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/ldb?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.8-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0289.json"}},{"package":{"name":"samba","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/samba?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.10.17-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0289.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}