Arch Linux
Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download
issues
advisories
todo
stats
log
login
ASA-201803-10
log
original
external
raw
[ASA-201803-10] samba: multiple issues
Arch Linux Security Advisory ASA-201803-10 ========================================== Severity: Critical Date : 2018-03-13 CVE-ID :
CVE-2018-1050
CVE-2018-1057
Package :
samba
Type : multiple issues Remote : Yes Link :
https://security.archlinux.org/AVG-651
Summary ======= The package
samba
before version 4.7.6-1 is vulnerable to multiple issues including access restriction bypass and denial of service. Resolution ========== Upgrade to 4.7.6-1. # pacman -Syu "
samba
>=4.7.6-1" The problems have been fixed upstream in version 4.7.6. Workaround ========== -
CVE-2018-1050
Ensure the parameter: rpc_server:spoolss = external is not set in the [global] section of your smb.conf. -
CVE-2018-1057
Revoke the change passwords right for 'the world' from all user objects (including computers) in the directory, leaving only the right to change a user's own password. Description =========== -
CVE-2018-1050
(denial of service) All versions of
Samba
from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. -
CVE-2018-1057
(access restriction bypass) On a
Samba
4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts. Impact ====== A remote attacker is able to change other users passwords on a
Samba
4 AD DC or perform a denial of service attack by sending a specially crafted request to the spoolss service. References ==========
https://lists.samba.org/archive/samba-announce/2018/000435.html
https://www.samba.org/samba/security/CVE-2018-1050.html
https://github.com/samba-team/samba/commit/c41895be8222199ffe69749e32afc9946517f63f
https://www.samba.org/samba/security/CVE-2018-1057.html
https://wiki.samba.org/index.php/CVE-2018-1057
https://github.com/samba-team/samba/commit/50e7788603b97104fe116a07ab14a1d1148f4405
https://github.com/samba-team/samba/commit/c80456855197f9fe9ef497a7fc94504c28445343
https://github.com/samba-team/samba/commit/ab7dc210e9aedc1222055822ff296e4a67cfb27b
https://github.com/samba-team/samba/commit/407a34c73fcd666c22776bbc4aa56d02c0683463
https://github.com/samba-team/samba/commit/3e6621fe58014f19477633b1c0b54288550f0e87
https://github.com/samba-team/samba/commit/9dd7dd9ebba8d449feea66695fab3cbbb22d00e8
https://github.com/samba-team/samba/commit/766ab4c52b06532f2dd8801ccf5d4aadf07a098e
https://github.com/samba-team/samba/commit/0e15ce12e1e9733f1e8eb13e77cbcdd0aea29f29
https://github.com/samba-team/samba/commit/39e689aa703536330083bfc4d58d15a2521e0f95
https://github.com/samba-team/samba/commit/2fea9ee701fed0417d8f681238663b7b00c451f8
https://github.com/samba-team/samba/commit/c653e51a3d991e0e08327186881b324b85106f0d
https://github.com/samba-team/samba/commit/b23bf04caeb196da9515addbcdf17db0723ee553
https://github.com/samba-team/samba/commit/fbd16473ecf073f86e36f9e29a80151272661dce
https://security.archlinux.org/CVE-2018-1050
https://security.archlinux.org/CVE-2018-1057