DEBIAN-CVE-2020-10704
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 06 May 2020, 14:15
Last modified:28 Apr 2026, 20:21
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
06 May 2020, 14:15
Published
Vulnerability first disclosed
28 Apr 2026, 20:21
Last Modified
Vulnerability information updated
Description
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- debian•samba
< 2:4.12.3+dfsg-2 | < 2:4.12.3+dfsg-2 | < 2:4.12.3+dfsg-2 | < 2:4.12.3+dfsg-2