CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2020-10704
https://notcve.org/view.php?id=CVE-2020-10704
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2. Se encontró un fallo cuando se usa samba como un Active Directory Domain Controller. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00002.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10704 https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5KW3ZO35NVDO57JSBZHTQZOS3AIQ5QE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7DVGCHG3XPIBQ5ETGMGW7MXNOO4HFH4 htt • CWE-674: Uncontrolled Recursion •