Vulnerability/
CVE-2021-3670

6.5

CWE

400

21/4/2022

23/8/2022

3/8/2024

CVE-2021-3670

First published: Thu Apr 21 2022(Updated: )

MaxQueryDuration not honoured in Samba AD DC LDAP

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Samba Samba	>=4.1.0
Redhat Storage	=3.0
Fedoraproject Fedora	=35

Remedy

https://bugzilla.redhat.com/show_bug.cgi?id=2077533

Remedy

https://bugzilla.samba.org/show_bug.cgi?id=14694

Remedy

https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f

Remedy

https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002

Remedy

https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393

Remedy

https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b

Remedy

https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803

Remedy

https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81

Remedy

https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Example email

Reference Links

Frequently Asked Questions

What is the vulnerability ID?
The vulnerability ID is CVE-2021-3670.
What is the title of the vulnerability?
The title of the vulnerability is 'MaxQueryDuration not honoured in Samba AD DC LDAP'.
What is the severity of CVE-2021-3670?
The severity of CVE-2021-3670 is medium with a CVSS score of 6.5.
Which software is affected by CVE-2021-3670?
Samba Samba, Redhat Storage 3.0, and Fedoraproject Fedora 35 are affected by CVE-2021-3670.
How can I fix CVE-2021-3670?
To fix CVE-2021-3670, it is recommended to update to the latest version of Samba or apply the necessary patches provided by the vendor.

collector/nvd-api
collector/nvd-index
agent/type
agent/author
agent/first-publish-date
agent/softwarecombine
agent/references
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-3670
agent/remedy
agent/severity
agent/weakness
agent/last-modified-date
agent/description
agent/tags
agent/event
vendor/samba
canonical/samba samba
version/samba samba/4.1.0
vendor/redhat
canonical/redhat storage
version/redhat storage/3.0
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/35

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203