Synology-SA-21:13 Samba AD DC

Publish Time: 2021-03-26 15:29:59 UTC+8

Last Updated: 2021-07-08 17:14:55 UTC+8

Severity
Important
Status
Resolved

Abstract

Multiple vulnerabilities allow remote attackers and remote authenticated users to conduct denial-of-service attacks via a susceptible version of Synology Directory Server.

Affected Products

Product Severity Fixed Release Availability
Synology Directory Server Important Upgrade to 4.10.18-0300 or above.

Mitigation

None

Detail

  • CVE-2020-27840

    • Severity: Important
    • CVSS3 Base Score: 7.5
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    • A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.
  • CVE-2021-20277

    • Severity: Important
    • CVSS3 Base Score: 7.1
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
    • A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

Reference

Revision

Revision Date Description
1 2021-03-26 Initial public release.
2 2021-06-01 Update for Synology Directory Server is now available in Affected Products.