71 matches found
Updated samba packages fix security vulnerabilities
It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon CVE-2018-1050. Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDA...
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:0832-1)
This update for samba fixes the following issues : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean a...
openSUSE Security Update : samba / talloc / tevent (openSUSE-2018-300)
"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...
SUSE SLED12 / SLES12 Security Update : samba, talloc, tevent (SUSE-SU-2018:0754-1)
"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...
The vulnerability of the Samba networking communication package lies in the lack of input data validation, which allows attackers to trigger a service failure.
The vulnerability of the Samba networking communication package is related to the lack of input data validation during RPC spoolss calls if RPC spoolss is configured to run as an external daemon. Exploiting this vulnerability allows a malicious actor to cause a failure in the print queue manager’...
Ubuntu 14.04 LTS / 16.04 LTS : Samba vulnerabilities (USN-3595-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3595-1 advisory. Bjrn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker cou...
ALPINE-CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
DEBIAN-CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
Design/Logic Flaw
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
CVE-2018-1050
CVE-2018-1050 is a NULL pointer dereference in Samba’s RPC external printer service that can crash the print spooler, affecting Samba releases from 4.0.0 onward. The issue arises from missing input validation in spoolss RPC calls, leading to a denial-of-service condition. Public advisories and pr...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
USN-3595-1 samba vulnerabilities
Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. CVE-2018-1057 It was discovered that...
USN-3595-1: Samba vulnerabilities
Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. CVE-2018-1057 It was discovered that...
CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
UBUNTU-CVE-2018-1050
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash...
Denial of Service Attack on external print server.
Description All versions of Samba from 3.6.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler servic...