Lucene search

K
oraclelinuxOracleLinuxELSA-2018-3056
HistoryNov 05, 2018 - 12:00 a.m.

samba security, bug fix, and enhancement update

2018-11-0500:00:00
linux.oracle.com
543

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.5%

[4.8.3-4]

  • resolves: #1614132 - Fix delete-on-close after smb2_find
  • resolves: #1614265 - Fix CVE-2018-1139
  • resolves: #1614269 - Fix CVE-2018-10858
    [4.8.3-3]
  • resolves: #1581016 - Add smbclient quiet argument
    [4.8.3-2]
  • related: #1538743 - Fix local user account lookup with winbind
    [4.8.3-1]
  • related: #1558560 - Rebase to Samba version 4.8.3
  • resolves: #1579398 - Add winbind localauth krb5 plugin
    [4.8.2-2]
  • resolves: #1540457 - Fixed support for authenticaton on on way trusts
    [4.8.2-1]
  • related: #1558560 - Rebase to newer Samba version
    [4.8.1-4]
  • resolves: #1582541 - Fix anonymous auth with SMB2/3
    [4.8.1-3]
  • resolves: #1575205 - Fix segfault when updating DNS with ‘net ads join’
  • resolves: #1525511 - Fix idmap_rid dependency on trusted domain list
    [4.8.1-2]
  • resolves: #1538743 - Fix UPN handling in winbind
    [4.8.1-1]
  • related: #1558560 - Rebase to newer Samba version
  • resolves: #1567896 - Fix possible crash if secrets db is emtpy
  • resolves: #1570020 - Fix a crash in smbd when dfsgetinfo is called
    [4.8.0-1]
  • resolves: #1558560 - Rebase to newer Samba version
  • resolves: #1558943 - Fix winbind requests getting stuck on a child
  • resolves: #1532618 - Fix segfault with NT1 connections in smbd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

89.5%