AVG-651 log
Package | samba |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 4.7.5-1 |
Fixed | 4.7.6-1 |
Current | 2:4.21.1-1 [extra] |
Ticket | None |
Created | Tue Mar 13 12:43:54 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-1057 | Critical | Yes | Access restriction bypass | On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts. |
CVE-2018-1050 | Medium | Yes | Denial of service | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external... |
Date | Advisory | Package | Type |
---|---|---|---|
13 Mar 2018 | ASA-201803-10 | samba | multiple issues |
References |
---|
https://lists.samba.org/archive/samba-announce/2018/000435.html |