Related CVEs: CVE-2020-1472, CVE-2020-10704, CVE-2020-10745, CVE-2020-14303, CVE-2020-14318, CVE-2020-14323, CVE-2020-14383
Multiple vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
Unauthenticated domain controller compromise by subverting Netlogon cryptography. This vulnerability includes both ZeroLogon and non-ZeroLogon variations.
An unauthorized user can trigger a denial of service via a stack overflow in the AD DC LDAP server.
Denial of service resulting from abuse of compression of replies to NetBIOS over TCP/IP name resolution and DNS packets causing excessive CPU load on the Samba AD DC.
Denial of service resulting from a CPU spin and an inability to process further requests once the AD DC NBT server receives an empty (zero-length) UDP packet on port 137.
Missing handle permissions check in ChangeNotify.
Unprivileged user can crash winbind via invalid lookupsids DoS.
DNS server crash via invalid records resulting from uninitialized variables.
For Debian 8 jessie, these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u14.
We recommend that you upgrade your samba packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/