CVE-2019-14907
- Source
- https://cve.org/CVERecord?id=CVE-2019-14907
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14907.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-14907
- Downstream
- Related
- Published
- 2020-01-21T18:15:12.717Z
- Modified
- 2026-04-02T01:41:14.357962Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).
- References
-
- https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/
- https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html
- https://security.gentoo.org/glsa/202003-52
- https://usn.ubuntu.com/4244-1/
- https://www.samba.org/samba/security/CVE-2019-14907.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html
- https://security.netapp.com/advisory/ntap-20200122-0001/
- https://www.synology.com/security/advisory/Synology_SA_20_01
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14907
Affected packages
Git / github.com/samba-team/samba
Affected ranges
- Type
- GIT
- Repo
- https://github.com/samba-team/samba
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "4.9.0" }, { "fixed": "4.9.18" }, { "introduced": "4.10.0" }, { "fixed": "4.10.12" }, { "introduced": "4.11.0" }, { "fixed": "4.11.5" }, { "introduced": "0" }, { "last_affected": "3.0" }, { "introduced": "0" }, { "last_affected": "1.2" } ] }
Affected versions
ldb-1.*
ldb-1.1.0
ldb-1.1.10
ldb-1.1.11
ldb-1.1.12
ldb-1.1.13
ldb-1.1.14
ldb-1.1.15
ldb-1.1.16
ldb-1.1.17
ldb-1.1.18
ldb-1.1.19
ldb-1.1.2
ldb-1.1.20
ldb-1.1.21
ldb-1.1.22
ldb-1.1.23
ldb-1.1.24
ldb-1.1.25
ldb-1.1.26
ldb-1.1.27
ldb-1.1.28
ldb-1.1.29
ldb-1.1.3
ldb-1.1.30
ldb-1.1.31
ldb-1.1.4
ldb-1.1.5
ldb-1.1.6
ldb-1.1.8
ldb-1.1.9
ldb-1.2.0
ldb-1.2.1
ldb-1.2.2
ldb-1.2.3
ldb-1.2.4
ldb-1.3.0
ldb-1.3.1
ldb-1.3.2
ldb-1.3.3
ldb-1.3.4
ldb-1.3.5
ldb-1.3.6
ldb-1.3.7
ldb-1.3.8
ldb-1.4.0
ldb-1.4.1
ldb-1.4.2
ldb-1.4.3
ldb-1.4.4
ldb-1.4.5
ldb-1.4.6
ldb-1.4.7
ldb-1.4.8
ldb-1.5.0
ldb-1.5.1
ldb-1.5.2
ldb-1.5.3
ldb-1.5.4
ldb-1.5.5
ldb-1.5.6
ldb-1.6.1
ldb-1.6.2
ldb-1.6.3
ldb-2.*
ldb-2.0.5
ldb-2.0.6
ldb-2.0.7
ldb-2.0.8
ldb-2.1.0
ldb-2.1.1
ldb-2.1.2
ldb-2.1.3
ldb-2.1.4
ldb-2.1.5
ldb-2.2.0
ldb-2.2.1
ldb-2.2.2
ldb-2.2.3
ldb-2.3.0
ldb-2.3.1
ldb-2.3.2
ldb-2.3.3
ldb-2.3.4
ldb-2.4.0
ldb-2.4.1
ldb-2.4.2
ldb-2.4.3
ldb-2.4.4
ldb-2.5.0
ldb-2.5.1
ldb-2.5.2
ldb-2.5.3
ldb-2.6.0
ldb-2.6.1
ldb-2.6.2
ldb-2.7.0
ldb-2.7.1
ldb-2.7.2
ldb-2.8.0
ldb-2.8.1
ldb-2.8.2
ldb-2.9.0
ldb-2.9.1
ldb-2.9.2
samba-3.*
samba-3.4.0
samba-3.4.0pre1
samba-3.4.0pre2
samba-3.4.0rc1
samba-3.4.1
samba-3.4.10
samba-3.4.11
samba-3.4.12
samba-3.4.13
samba-3.4.14
samba-3.4.15
samba-3.4.16
samba-3.4.17
samba-3.4.2
samba-3.4.3
samba-3.4.4
samba-3.4.5
samba-3.4.6
samba-3.4.7
samba-3.4.8
samba-3.4.9
samba-3.5.0
samba-3.5.0pre1
samba-3.5.0pre2
samba-3.5.0rc1
samba-3.5.0rc2
samba-3.5.0rc3
samba-3.5.1
samba-3.5.10
samba-3.5.11
samba-3.5.12
samba-3.5.13
samba-3.5.14
samba-3.5.15
samba-3.5.16
samba-3.5.17
samba-3.5.18
samba-3.5.19
samba-3.5.2
samba-3.5.20
samba-3.5.21
samba-3.5.22
samba-3.5.3
samba-3.5.4
samba-3.5.5
samba-3.5.6
samba-3.5.7
samba-3.5.8
samba-3.5.9
samba-3.6.0
samba-3.6.0pre1
samba-3.6.0pre2
samba-3.6.0pre3
samba-3.6.0rc1
samba-3.6.0rc2
samba-3.6.0rc3
samba-3.6.1
samba-3.6.10
samba-3.6.11
samba-3.6.12
samba-3.6.13
samba-3.6.14
samba-3.6.15
samba-3.6.16
samba-3.6.17
samba-3.6.18
samba-3.6.19
samba-3.6.2
samba-3.6.20
samba-3.6.21
samba-3.6.22
samba-3.6.23
samba-3.6.24
samba-3.6.25
samba-3.6.3
samba-3.6.4
samba-3.6.5
samba-3.6.6
samba-3.6.7
samba-3.6.8
samba-3.6.9
samba-4.*
samba-4.0.0
samba-4.0.0alpha10
samba-4.0.0alpha11
samba-4.0.0alpha13
samba-4.0.0alpha14
samba-4.0.0alpha15
samba-4.0.0alpha16
samba-4.0.0alpha17
samba-4.0.0alpha18
samba-4.0.0alpha19
samba-4.0.0alpha20
samba-4.0.0alpha21
samba-4.0.0alpha6
samba-4.0.0alpha7
samba-4.0.0alpha8
samba-4.0.0alpha9
samba-4.0.0beta1
samba-4.0.0beta2
samba-4.0.0beta3
samba-4.0.0beta4
samba-4.0.0beta5
samba-4.0.0beta6
samba-4.0.0beta7
samba-4.0.0beta8
samba-4.0.0rc1
samba-4.0.0rc2
samba-4.0.0rc3
samba-4.0.0rc4
samba-4.0.0rc5
samba-4.0.0rc6
samba-4.0.1
samba-4.0.10
samba-4.0.11
samba-4.0.12
samba-4.0.13
samba-4.0.14
samba-4.0.15
samba-4.0.16
samba-4.0.17
samba-4.0.18
samba-4.0.19
samba-4.0.2
samba-4.0.20
samba-4.0.21
samba-4.0.22
samba-4.0.23
samba-4.0.24
samba-4.0.25
samba-4.0.26
samba-4.0.3
samba-4.0.4
samba-4.0.5
samba-4.0.6
samba-4.0.7
samba-4.0.8
samba-4.0.9
samba-4.1.0
samba-4.1.0rc1
samba-4.1.0rc2
samba-4.1.0rc3
samba-4.1.0rc4
samba-4.1.1
samba-4.1.10
samba-4.1.11
samba-4.1.12
samba-4.1.13
samba-4.1.14
samba-4.1.15
samba-4.1.16
samba-4.1.17
samba-4.1.18
samba-4.1.19
samba-4.1.2
samba-4.1.20
samba-4.1.21
samba-4.1.22
samba-4.1.23
samba-4.1.3
samba-4.1.4
samba-4.1.5
samba-4.1.6
samba-4.1.7
samba-4.1.8
samba-4.1.9
samba-4.10.0
samba-4.10.0rc1
samba-4.10.0rc2
samba-4.10.0rc3
samba-4.10.0rc4
samba-4.10.1
samba-4.10.10
samba-4.10.11
samba-4.10.2
samba-4.10.3
samba-4.10.4
samba-4.10.5
samba-4.10.6
samba-4.10.7
samba-4.10.8
samba-4.10.9
samba-4.11.0
samba-4.11.0rc1
samba-4.11.0rc2
samba-4.11.0rc3
samba-4.11.0rc4
samba-4.11.1
samba-4.11.2
samba-4.11.3
samba-4.11.4
samba-4.12.0
samba-4.12.0rc1
samba-4.12.0rc2
samba-4.12.0rc3
samba-4.12.0rc4
samba-4.12.1
samba-4.12.10
samba-4.12.11
samba-4.12.12
samba-4.12.13
samba-4.12.14
samba-4.12.15
samba-4.12.2
samba-4.12.3
samba-4.12.4
samba-4.12.5
samba-4.12.6
samba-4.12.7
samba-4.12.8
samba-4.12.9
samba-4.13.0
samba-4.13.0rc1
samba-4.13.0rc2
samba-4.13.0rc3
samba-4.13.0rc4
samba-4.13.0rc5
samba-4.13.0rc6
samba-4.13.1
samba-4.13.10
samba-4.13.11
samba-4.13.12
samba-4.13.13
samba-4.13.14
samba-4.13.15
samba-4.13.16
samba-4.13.17
samba-4.13.2
samba-4.13.3
samba-4.13.4
samba-4.13.5
samba-4.13.6
samba-4.13.7
samba-4.13.8
samba-4.13.9
samba-4.14.0
samba-4.14.0rc1
samba-4.14.0rc2
samba-4.14.0rc3
samba-4.14.0rc4
samba-4.14.1
samba-4.14.10
samba-4.14.11
samba-4.14.12
samba-4.14.13
samba-4.14.14
samba-4.14.2
samba-4.14.3
samba-4.14.4
samba-4.14.5
samba-4.14.6
samba-4.14.7
samba-4.14.8
samba-4.14.9
samba-4.15.0
samba-4.15.0rc1
samba-4.15.0rc2
samba-4.15.0rc3
samba-4.15.0rc4
samba-4.15.0rc5
samba-4.15.0rc6
samba-4.15.0rc7
samba-4.15.1
samba-4.15.10
samba-4.15.11
samba-4.15.12
samba-4.15.13
samba-4.15.2
samba-4.15.3
samba-4.15.4
samba-4.15.5
samba-4.15.6
samba-4.15.7
samba-4.15.8
samba-4.15.9
samba-4.16.0
samba-4.16.0rc1
samba-4.16.0rc2
samba-4.16.0rc3
samba-4.16.0rc4
samba-4.16.0rc5
samba-4.16.1
samba-4.16.10
samba-4.16.11
samba-4.16.2
samba-4.16.3
samba-4.16.4
samba-4.16.5
samba-4.16.6
samba-4.16.7
samba-4.16.8
samba-4.16.9
samba-4.17.0
samba-4.17.0rc1
samba-4.17.0rc2
samba-4.17.0rc3
samba-4.17.0rc4
samba-4.17.0rc5
samba-4.17.1
samba-4.17.10
samba-4.17.11
samba-4.17.12
samba-4.17.2
samba-4.17.3
samba-4.17.4
samba-4.17.5
samba-4.17.6
samba-4.17.7
samba-4.17.8
samba-4.17.9
samba-4.18.0
samba-4.18.0rc1
samba-4.18.0rc2
samba-4.18.0rc3
samba-4.18.0rc4
samba-4.18.1
samba-4.18.10
samba-4.18.11
samba-4.18.2
samba-4.18.3
samba-4.18.4
samba-4.18.5
samba-4.18.6
samba-4.18.7
samba-4.18.8
samba-4.18.9
samba-4.19.0
samba-4.19.0rc1
samba-4.19.0rc2
samba-4.19.0rc3
samba-4.19.0rc4
samba-4.19.1
samba-4.19.2
samba-4.19.3
samba-4.19.4
samba-4.19.5
samba-4.19.6
samba-4.19.7
samba-4.19.8
samba-4.19.9
samba-4.2.0
samba-4.2.0rc1
samba-4.2.0rc2
samba-4.2.0rc3
samba-4.2.0rc4
samba-4.2.0rc5
samba-4.2.1
samba-4.2.10
samba-4.2.11
samba-4.2.12
samba-4.2.13
samba-4.2.14
samba-4.2.2
samba-4.2.3
samba-4.2.4
samba-4.2.5
samba-4.2.6
samba-4.2.7
samba-4.2.8
samba-4.2.9
samba-4.20.0
samba-4.20.0rc1
samba-4.20.0rc2
samba-4.20.0rc3
samba-4.20.0rc4
samba-4.20.1
samba-4.20.2
samba-4.20.3
samba-4.20.4
samba-4.20.5
samba-4.20.6
samba-4.20.7
samba-4.20.8
samba-4.21.0
samba-4.21.0rc1
samba-4.21.0rc2
samba-4.21.0rc3
samba-4.21.0rc4
samba-4.21.1
samba-4.21.10
samba-4.21.2
samba-4.21.3
samba-4.21.4
samba-4.21.5
samba-4.21.6
samba-4.21.7
samba-4.21.8
samba-4.21.9
samba-4.22.0
samba-4.22.0rc1
samba-4.22.0rc2
samba-4.22.0rc3
samba-4.22.0rc4
samba-4.22.1
samba-4.22.2
samba-4.22.3
samba-4.22.4
samba-4.22.5
samba-4.22.6
samba-4.22.7
samba-4.22.8
samba-4.23.0
samba-4.23.0rc1
samba-4.23.0rc2
samba-4.23.0rc3
samba-4.23.0rc4
samba-4.23.1
samba-4.23.2
samba-4.23.3
samba-4.23.4
samba-4.23.5
samba-4.23.6
samba-4.24.0
samba-4.24.0rc1
samba-4.24.0rc2
samba-4.24.0rc3
samba-4.3.0
samba-4.3.0rc1
samba-4.3.0rc2
samba-4.3.0rc3
samba-4.3.0rc4
samba-4.3.1
samba-4.3.10
samba-4.3.11
samba-4.3.12
samba-4.3.13
samba-4.3.2
samba-4.3.3
samba-4.3.4
samba-4.3.5
samba-4.3.6
samba-4.3.7
samba-4.3.8
samba-4.3.9
samba-4.4.0
samba-4.4.0rc1
samba-4.4.0rc2
samba-4.4.0rc3
samba-4.4.0rc4
samba-4.4.0rc5
samba-4.4.1
samba-4.4.10
samba-4.4.11
samba-4.4.12
samba-4.4.13
samba-4.4.14
samba-4.4.15
samba-4.4.16
samba-4.4.2
samba-4.4.3
samba-4.4.4
samba-4.4.5
samba-4.4.6
samba-4.4.7
samba-4.4.8
samba-4.4.9
samba-4.5.0
samba-4.5.0rc1
samba-4.5.0rc2
samba-4.5.0rc3
samba-4.5.1
samba-4.5.10
samba-4.5.11
samba-4.5.12
samba-4.5.13
samba-4.5.14
samba-4.5.15
samba-4.5.16
samba-4.5.2
samba-4.5.3
samba-4.5.4
samba-4.5.5
samba-4.5.6
samba-4.5.7
samba-4.5.8
samba-4.5.9
samba-4.6.0
samba-4.6.0rc1
samba-4.6.0rc2
samba-4.6.0rc3
samba-4.6.0rc4
samba-4.6.1
samba-4.6.10
samba-4.6.11
samba-4.6.12
samba-4.6.13
samba-4.6.14
samba-4.6.15
samba-4.6.16
samba-4.6.2
samba-4.6.3
samba-4.6.4
samba-4.6.5
samba-4.6.6
samba-4.6.7
samba-4.6.8
samba-4.6.9
samba-4.7.0
samba-4.7.0rc1
samba-4.7.0rc2
samba-4.7.0rc3
samba-4.7.0rc4
samba-4.7.0rc5
samba-4.7.0rc6
samba-4.7.1
samba-4.7.10
samba-4.7.11
samba-4.7.12
samba-4.7.2
samba-4.7.3
samba-4.7.4
samba-4.7.5
samba-4.7.6
samba-4.7.7
samba-4.7.8
samba-4.7.9
samba-4.8.0
samba-4.8.0rc1
samba-4.8.0rc2
samba-4.8.0rc3
samba-4.8.0rc4
samba-4.8.1
samba-4.8.10
samba-4.8.11
samba-4.8.12
samba-4.8.2
samba-4.8.3
samba-4.8.4
samba-4.8.5
samba-4.8.6
samba-4.8.7
samba-4.8.8
samba-4.8.9
samba-4.9.0
samba-4.9.0rc1
samba-4.9.0rc2
samba-4.9.0rc3
samba-4.9.0rc4
samba-4.9.0rc5
samba-4.9.1
samba-4.9.10
samba-4.9.11
samba-4.9.12
samba-4.9.13
samba-4.9.14
samba-4.9.15
samba-4.9.16
samba-4.9.17
samba-4.9.2
samba-4.9.3
samba-4.9.4
samba-4.9.5
samba-4.9.6
samba-4.9.7
samba-4.9.8
samba-4.9.9
talloc-1.*
talloc-1.3.0
talloc-1.3.1
talloc-2.*
talloc-2.0.0
talloc-2.0.1
talloc-2.0.6
talloc-2.0.7
talloc-2.0.8
talloc-2.1.0
talloc-2.1.1
talloc-2.1.10
talloc-2.1.11
talloc-2.1.12
talloc-2.1.13
talloc-2.1.14
talloc-2.1.15
talloc-2.1.16
talloc-2.1.2
talloc-2.1.3
talloc-2.1.4
talloc-2.1.5
talloc-2.1.6
talloc-2.1.7
talloc-2.1.8
talloc-2.1.9
talloc-2.2.0
talloc-2.3.0
talloc-2.3.1
talloc-2.3.2
talloc-2.3.3
talloc-2.3.4
talloc-2.4.0
talloc-2.4.1
talloc-2.4.2
talloc-2.4.3
talloc-2.4.4
tdb-1.*
tdb-1.1.3
tdb-1.1.5
tdb-1.2.0
tdb-1.2.1
tdb-1.2.10
tdb-1.2.11
tdb-1.2.12
tdb-1.2.13
tdb-1.3.0
tdb-1.3.1
tdb-1.3.10
tdb-1.3.11
tdb-1.3.12
tdb-1.3.13
tdb-1.3.14
tdb-1.3.15
tdb-1.3.16
tdb-1.3.17
tdb-1.3.18
tdb-1.3.2
tdb-1.3.3
tdb-1.3.4
tdb-1.3.5
tdb-1.3.6
tdb-1.3.7
tdb-1.3.8
tdb-1.3.9
tdb-1.4.0
tdb-1.4.1
tdb-1.4.10
tdb-1.4.11
tdb-1.4.12
tdb-1.4.13
tdb-1.4.14
tdb-1.4.15
tdb-1.4.2
tdb-1.4.3
tdb-1.4.4
tdb-1.4.5
tdb-1.4.6
tdb-1.4.7
tdb-1.4.8
tdb-1.4.9
tevent-0.*
tevent-0.10.0
tevent-0.10.1
tevent-0.10.2
tevent-0.11.0
tevent-0.12.0
tevent-0.12.1
tevent-0.13.0
tevent-0.14.0
tevent-0.14.1
tevent-0.15.0
tevent-0.16.0
tevent-0.16.1
tevent-0.16.2
tevent-0.17.0
tevent-0.17.1
tevent-0.9.11
tevent-0.9.12
tevent-0.9.13
tevent-0.9.14
tevent-0.9.15
tevent-0.9.16
tevent-0.9.17
tevent-0.9.18
tevent-0.9.19
tevent-0.9.20
tevent-0.9.21
tevent-0.9.22
tevent-0.9.23
tevent-0.9.24
tevent-0.9.25
tevent-0.9.26
tevent-0.9.27
tevent-0.9.28
tevent-0.9.29
tevent-0.9.30
tevent-0.9.31
tevent-0.9.32
tevent-0.9.33
tevent-0.9.34
tevent-0.9.35
tevent-0.9.36
tevent-0.9.37
tevent-0.9.38
tevent-0.9.39
tevent-0.9.8
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14907.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
}
]