CVE-2019-14907

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 21, 2020
Updated: Jan 14, 2025
CWE ID 125

Summary

CVE-2019-14907 is a vulnerability affecting Samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12, and 4.11.x before 4.11.5. If the log level is set to 3 or higher, Samba will print strings obtained from clients during the NTLMSSP authentication exchange. In the case of an Active Directory Domain Controller (DC), this could lead to long-lived processes, like the RPC server, terminating. For file servers, a crash in smbd, which operates as a process-per-client, is harmless.


Affected Products

  • Samba
  • Red Hat Enterprise Linux
  • Ubuntu Linux
  • Fedora Operating System
  • Debian

Affected Vendors

  • Samba Financial Group
  • Red Hat
  • Debian
  • Fedora Project
  • Synology