CVE - CVE-2019-14861

CVE-ID
CVE-2019-14861	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861 URL:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861 CONFIRM:https://security.netapp.com/advisory/ntap-20191210-0002/ URL:https://security.netapp.com/advisory/ntap-20191210-0002/ CONFIRM:https://www.samba.org/samba/security/CVE-2019-14861.html URL:https://www.samba.org/samba/security/CVE-2019-14861.html CONFIRM:https://www.synology.com/security/advisory/Synology_SA_19_40 URL:https://www.synology.com/security/advisory/Synology_SA_19_40 FEDORA:FEDORA-2019-11dddb785b URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/ FEDORA:FEDORA-2019-be98a08835 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJH3ROOFYMOATD2UEPC47P5RPBDTY77E/ GENTOO:GLSA-202003-52 URL:https://security.gentoo.org/glsa/202003-52 MLIST:[debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update URL:https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html SUSE:openSUSE-SU-2019:2700 URL:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html UBUNTU:USN-4217-1 URL:https://usn.ubuntu.com/4217-1/ UBUNTU:USN-4217-2 URL:https://usn.ubuntu.com/4217-2/
Assigning CNA
Red Hat, Inc.
Date Record Created
20190810	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20190810)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)