Use-after-free vulnerability in Samba AD DC LDAP servers allows for denial of service

Use-after-free vulnerability in Samba AD DC LDAP servers allows for denial of service

CVE-2020-10700 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Learn more about our Cis Benchmark Audit For Server Software.