CVE-2019-12436
Description
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
4.37
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SMB/CIFS file, print, and login server for Unix (USN-4018-1) samba_4.10.0+dfsg-0ubuntu2.2_i386.deb | Linux |
| SMB/CIFS file, print, and login server for Unix (USN-4018-1) samba_4.10.0+dfsg-0ubuntu2.2_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234