ALPINE-CVE-2020-14383
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 02 Dec 2020, 01:15
Last modified:03 Dec 2025, 22:46
Vulnerability Summary
Overall Risk (default)
medium
26/100 CVSS Score
6.5 MEDIUM
3.1 (osv_alpine)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
02 Dec 2020, 01:15
Published
Vulnerability first disclosed
03 Dec 2025, 22:46
Last Modified
Vulnerability information updated
Description
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.
CVSS Metrics
- v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- alpine•samba
< 4.11.16-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0 | < 4.12.9-r0