Stack-based buffer overflow in samba (Alpine package)



Published: 2020-04-29
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-10704
CWE-ID CWE-121
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe 		samba (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Stack-based buffer overflow

EUVDB-ID: #VU27377

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10704

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing LDAP queries. A remote unauthenticated attacker can send large CLDAP packets to the affected system, trigger stack overflow and crash the service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

samba (Alpine package): 4.10.2-r0 - 4.10.12-r0

External links

http://git.alpinelinux.org/aports/commit/?id=b430c8e9b07545e7ad2ecf2a3776a51ce0c28b45
http://git.alpinelinux.org/aports/commit/?id=218049ea4e079bdab8556dc80287273eb93f90f1
http://git.alpinelinux.org/aports/commit/?id=1e7e09895fd7887b6fba58b013e2f31f14e7afea
http://git.alpinelinux.org/aports/commit/?id=869dcbdc20fc7828503abbd281f7335db7ec4fc8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###