- Vulnerability/
- USN-4409-1
USN-4409-1: Samba vulnerabilities
First published: Thu Jul 02 2020(Updated: )
Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10730) Douglas Bagnall discovered that Samba incorrectly handled certain queries. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-10745) Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10760)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/samba | <2:4.11.6+dfsg-0ubuntu1.3 | 2:4.11.6+dfsg-0ubuntu1.3 |
| =20.04 | ||
| All of | ||
| ubuntu/samba | <2:4.10.7+dfsg-0ubuntu2.6 | 2:4.10.7+dfsg-0ubuntu2.6 |
| =19.10 | ||
| All of | ||
| ubuntu/samba | <2:4.7.6+dfsg~ubuntu-0ubuntu2.17 | 2:4.7.6+dfsg~ubuntu-0ubuntu2.17 |
| =18.04 | ||
| All of | ||
| ubuntu/samba | <2:4.3.11+dfsg-0ubuntu0.16.04.28 | 2:4.3.11+dfsg-0ubuntu0.16.04.28 |
| =16.04 | ||
| All of | ||
| ubuntu/samba | <2:4.3.11+dfsg-0ubuntu0.14.04.20+esm7 | 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm7 |
| =14.04 | ||
| All of | ||
| ubuntu/samba | <2:3.6.25-0ubuntu0.12.04.20 | 2:3.6.25-0ubuntu0.12.04.20 |
| =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2020-10730
- https://ubuntu.com/security/CVE-2020-10745
- https://ubuntu.com/security/CVE-2020-10760
- https://launchpad.net/ubuntu/+source/samba/2:4.11.6+dfsg-0ubuntu1.3
- https://launchpad.net/ubuntu/+source/samba/2:4.10.7+dfsg-0ubuntu2.6
- https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.17
- https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.28
- https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.20+esm7
- https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.20
- https://ubuntu.com/security/notices/USN-4409-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2020-10730?
The severity of CVE-2020-10730 is high.
How do I fix the Samba vulnerability (CVE-2020-10745) in Ubuntu 20.04?
To fix the Samba vulnerability (CVE-2020-10745) in Ubuntu 20.04, update the samba package to version 2:4.11.6+dfsg-0ubuntu1.3 or later.
Is Ubuntu 18.04 affected by the Samba vulnerability (CVE-2020-10760)?
Yes, Ubuntu 18.04 is affected by the Samba vulnerability (CVE-2020-10760).
Where can I find more information about the Samba vulnerabilities?
You can find more information about the Samba vulnerabilities on the Ubuntu Security Notices website.
- agent/references
- agent/type
- agent/severity
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/title
- agent/description
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/tags
- agent/event
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/19.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04
- version/ubuntu ubuntu/12.04