Lucene search
K

71 matches found

Mageia
Mageia
added 2018/04/13 8:8 p.m.54 views

Updated samba packages fix security vulnerabilities

It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon CVE-2018-1050. Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDA...

8.8CVSS3.9AI score0.10308EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/03/28 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:0832-1)

This update for samba fixes the following issues : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean a...

4.3CVSS6.8AI score0.06691EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.31 views

openSUSE Security Update : samba / talloc / tevent (openSUSE-2018-300)

"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...

4.3CVSS6.8AI score0.06691EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/03/22 12:0 a.m.24 views

SUSE SLED12 / SLES12 Security Update : samba, talloc, tevent (SUSE-SU-2018:0754-1)

"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...

4.3CVSS6.8AI score0.06691EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2018/03/16 12:0 a.m.9 views

The vulnerability of the Samba networking communication package lies in the lack of input data validation, which allows attackers to trigger a service failure.

The vulnerability of the Samba networking communication package is related to the lack of input data validation during RPC spoolss calls if RPC spoolss is configured to run as an external daemon. Exploiting this vulnerability allows a malicious actor to cause a failure in the print queue manager’...

7.8CVSS6.8AI score0.06691EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2018/03/14 12:0 a.m.32 views

Ubuntu 14.04 LTS / 16.04 LTS : Samba vulnerabilities (USN-3595-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3595-1 advisory. Bjrn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker cou...

8.8CVSS7AI score0.10308EPSS
Exploits1References3
OSV
OSV
added 2018/03/13 4:29 p.m.3 views

ALPINE-CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS6.7AI score0.06691EPSS
Exploits0References1
OSV
OSV
added 2018/03/13 4:29 p.m.0 views

DEBIAN-CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS6.7AI score0.06691EPSS
Exploits0References1
OSV
OSV
added 2018/03/13 4:29 p.m.20 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS6.3AI score0.06691EPSS
Exploits0References18
NVD
NVD
added 2018/03/13 4:29 p.m.13 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS5AI score0.06691EPSS
Exploits0References18
Prion
Prion
added 2018/03/13 4:29 p.m.42 views

Design/Logic Flaw

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

3.3CVSS6AI score0.06691EPSS
Exploits0References18Affected Software6
CVE
CVE
added 2018/03/13 4:0 p.m.591 views

CVE-2018-1050

CVE-2018-1050 is a NULL pointer dereference in Samba’s RPC external printer service that can crash the print spooler, affecting Samba releases from 4.0.0 onward. The issue arises from missing input validation in spoolss RPC calls, leading to a denial-of-service condition. Public advisories and pr...

4.3CVSS6.2AI score0.06691EPSS
Exploits0References18Affected Software1
Cvelist
Cvelist
added 2018/03/13 4:0 p.m.39 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

6.3AI score0.06691EPSS
Exploits0References18
Debian CVE
Debian CVE
added 2018/03/13 4:0 p.m.37 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS7.1AI score0.06691EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/03/13 4:0 p.m.37 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS6.6AI score0.06691EPSS
Exploits0
OSV
OSV
added 2018/03/13 2:28 p.m.8 views

USN-3595-1 samba vulnerabilities

Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. CVE-2018-1057 It was discovered that...

8.8CVSS6.8AI score0.10308EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2018/03/13 2:28 p.m.72 views

USN-3595-1: Samba vulnerabilities

Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. CVE-2018-1057 It was discovered that...

8.8CVSS7AI score0.10308EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/03/13 12:0 a.m.39 views

CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS7AI score0.06691EPSS
Exploits0References4
OSV
OSV
added 2018/03/13 12:0 a.m.6 views

UBUNTU-CVE-2018-1050

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...

4.3CVSS6.8AI score0.06691EPSS
Exploits0References5
Samba
Samba
added 2018/03/13 12:0 a.m.530 views

Denial of Service Attack on external print server.

Description All versions of Samba from 3.6.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler servic...

4.3CVSS1AI score0.06691EPSS
Exploits0
Rows per page
Query Builder