CVE-2019-14847
- Source
- https://cve.org/CVERecord?id=CVE-2019-14847
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14847.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-14847
- Downstream
- Related
- Published
- 2019-11-06T10:15:10.933Z
- Modified
- 2026-03-20T11:28:28.201337Z
- Severity
-
- 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
- References
-
- https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKPYHDFI7HRELVXBE5J4MTGSI35AKFBI/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQ3IUACPZJXSC4OM6P2V4IC4QMZQZWPD/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
- https://www.samba.org/samba/security/CVE-2019-14847.html
- https://www.synology.com/security/advisory/Synology_SA_19_35
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00015.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14847
Affected packages
Git / github.com/samba-team/samba
Affected versions
ldb-1.*
ldb-1.5.5
ldb-1.5.6
samba-4.*
samba-4.10.0
samba-4.10.1
samba-4.10.2
samba-4.10.3
samba-4.10.4
samba-4.10.5
samba-4.10.6
samba-4.10.7
samba-4.10.8
samba-4.10.9
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "29"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.0"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14847.json"