Vulnerability CVE-2019-12436

Vulnerability Name:

CVE-2019-12436 (CCN-162847)

Assigned:

2019-06-19

Published:

2019-06-19

Updated:

2019-06-20

Summary:

Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2019-12436

Source: BID
Type: UNKNOWN
108823

Source: XF
Type: UNKNOWN
samba-cve201912436-dos(162847)

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-8015e5dc40

Source: UBUNTU
Type: Third Party Advisory
USN-4018-1

Source: CCN
Type: Samba Web site
Samba AD DC LDAP server crash (paged searches)

Source: CONFIRM
Type: Vendor Advisory
https://www.samba.org/samba/security/CVE-2019-12436.html

Source: CONFIRM
Type: UNKNOWN
https://www.synology.com/security/advisory/Synology_SA_19_27

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-12436

Vulnerable Configuration:

Configuration 1:

cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version >= 4.10.0 and < 4.10.5)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:samba:samba:4.10.4:*:*:*:*:*:*:*

OR cpe:/a:samba:samba:4.10.3:*:*:*:*:*:*:*

OR cpe:/a:samba:samba:4.10.2:*:*:*:*:*:*:*

OR cpe:/a:samba:samba:4.10.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201912436	V	CVE-2019-12436	2023-06-22
oval:org.opensuse.security:def:7469	P	cpp7-7.5.0+r278197-4.30.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7661	P	libsamba-errors-devel-4.13.13+git.539.fdbc44a8598-3.20.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7447	P	bcel-5.2-150200.11.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7662	P	libsamba-policy-devel-4.17.7+git.330.4057cd7a27a-150500.1.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:723	P	Security update for postgresql14 (Important)	2022-09-01
oval:org.opensuse.security:def:6343	P	Security update for freerdp (Critical)	2022-07-11
oval:org.opensuse.security:def:3164	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3072	P	fuse-2.9.3-6.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3584	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3071	P	ft2demos-2.6.3-7.15.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94701	P	libsamba-errors-devel-4.13.13+git.539.fdbc44a8598-3.20.2 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94702	P	libsamba-policy-devel-4.15.5+git.328.f1f29505d84-150400.1.44 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:129	P	libdcerpc-binding0-32bit-4.13.4+git.187.5ad4708741a-1.34 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:1058	P	Security update for MozillaFirefox (Important)	2022-04-07
oval:org.opensuse.security:def:112125	P	ctdb-4.14.6+git.182.2205d5224e3-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:69815	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:10431	P	Security update for xorg-x11-server (Important)	2021-12-21
oval:org.opensuse.security:def:10385	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:7294	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:6488	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:93779	P	(Important)	2021-12-06
oval:org.opensuse.security:def:10363	P	Security update for tomcat (Important)	2021-11-16
oval:org.opensuse.security:def:105662	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:10355	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:10663	P	Security update for ffmpeg (Moderate)	2021-10-26
oval:org.opensuse.security:def:7272	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important)	2021-10-12
oval:org.opensuse.security:def:8647	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:10654	P	Security update for MozillaThunderbird (Important)	2021-08-30
oval:org.opensuse.security:def:69710	P	Security update for fetchmail (Moderate)	2021-08-20
oval:org.opensuse.security:def:14983	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48103	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:100905	P	libdcerpc-binding0-32bit-4.13.4+git.187.5ad4708741a-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62147	P	libdcerpc-binding0-32bit-4.13.4+git.187.5ad4708741a-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71888	P	libdcerpc-binding0-32bit-4.13.4+git.187.5ad4708741a-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:8628	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:8811	P	Security update for MozillaFirefox (Important)	2021-07-27
oval:org.opensuse.security:def:6451	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8798	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:8613	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:8789	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:6470	P	Security update for the Linux Kernel (Important)	2021-06-15
oval:org.opensuse.security:def:8780	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:11336	P	libXcursor1-1.1.14-3.60 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11314	P	gnome-shell-3.10.4-22.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10676	P	Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly (Important)	2021-06-01
oval:org.opensuse.security:def:8747	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:8566	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:8722	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:9471	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:6321	P	Security update for evolution-data-server (Moderate)	2021-03-19
oval:org.opensuse.security:def:9449	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:6313	P	Security update for python (Important)	2021-02-11
oval:org.opensuse.security:def:6720	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15) (Important)	2021-02-10
oval:org.opensuse.security:def:6645	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15) (Important)	2020-12-07
oval:org.opensuse.security:def:100492	P	libdcerpc-binding0-32bit-4.11.5+git.161.74bc5e6ec8e-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61812	P	libdcerpc-binding0-32bit-4.11.5+git.161.74bc5e6ec8e-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12977	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71553	P	libdcerpc-binding0-32bit-4.11.5+git.161.74bc5e6ec8e-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4014	P	libndr-devel-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107158	P	libdcerpc-binding0-32bit-4.11.5+git.161.74bc5e6ec8e-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16850	P	libndr-devel-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116716	P	libdcerpc-binding0-32bit-4.11.5+git.161.74bc5e6ec8e-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12802	P	ctdb-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:6389	P	libjavascriptcoregtk-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38279	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6570	P	coreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66367	P	cpp7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8490	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10512	P	libjpeg62-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6626	P	gstreamer-0_10-plugins-base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37555	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36972	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8520	P	shim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37439	P	ghostscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10478	P	libXv-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6796	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6564	P	busybox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37488	P	libXcursor1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49164	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36752	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6745	P	libpulse-mainloop-glib0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37220	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6634	P	gzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6436	P	libspice-server1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6603	P	freerdp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6496	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10587	P	polkit-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38237	P	lcms2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37599	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37073	P	autofs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6612	P	gimp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66459	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73150	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36740	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6545	P	zoo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10493	P	libexif-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6809	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6611	P	ghostscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37527	P	libgssglue1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36836	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6778	P	libvte9 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8498	P	powerpc-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37380	P	apache2-mod_apparmor on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49110	P	graphviz on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73032	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6787	P	libzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6518	P	telepathy-gabble on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10612	P	xorg-x11-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36741	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37130	P	gnome-settings-daemon on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6621	P	gpgme on GA media (Moderate)	2020-12-01
oval:com.ubuntu.cosmic:def:2019124360000000	V	CVE-2019-12436 on Ubuntu 18.10 (cosmic) - medium.	2019-06-19
oval:com.ubuntu.bionic:def:2019124360000000	V	CVE-2019-12436 on Ubuntu 18.04 LTS (bionic) - medium.	2019-06-19
oval:com.ubuntu.xenial:def:2019124360000000	V	CVE-2019-12436 on Ubuntu 16.04 LTS (xenial) - medium.	2019-06-19
oval:com.ubuntu.disco:def:2019124360000000	V	CVE-2019-12436 on Ubuntu 19.04 (disco) - medium.	2019-06-19

BACK