CVE-2020-14318
samba: Missing handle permissions check in SMB1/2/3 ChangeNotify
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Se encontró un fallo en la manera en que samba manejaba los permisos de archivos y directorios. Un usuario autenticado podría usar este fallo para conseguir acceso a determinada información de archivos y directorios que de otra manera no estaría disponible para el atacante
A flaw was found in the way Samba handled file and directory permissions. This flaw allows an authenticated user to gain access to certain file and directory information, which otherwise would be unavailable. The highest threat from this vulnerability is to confidentiality.
Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service. Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2020-06-17 CVE Reserved
- 2020-11-02 CVE Published
- 2024-10-29 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-266: Incorrect Privilege Assignment
- CWE-269: Improper Privilege Management
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1892631 | 2021-10-05 |
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202012-24 | 2024-07-03 | |
| https://www.samba.org/samba/security/CVE-2020-14318.html | 2024-07-03 | |
| https://access.redhat.com/security/cve/CVE-2020-14318 | 2021-10-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 3.6.0 < 4.11.15 Search vendor "Samba" for product "Samba" and version " >= 3.6.0 < 4.11.15" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 4.12.0 < 4.12.9 Search vendor "Samba" for product "Samba" and version " >= 4.12.0 < 4.12.9" | - |
Affected
| ||||||
| Samba Search vendor "Samba" | Samba Search vendor "Samba" for product "Samba" | >= 4.13.0 < 4.13.1 Search vendor "Samba" for product "Samba" and version " >= 4.13.0 < 4.13.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Storage Search vendor "Redhat" for product "Storage" | 3.0 Search vendor "Redhat" for product "Storage" and version "3.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||