AVG-651 log

Package samba
Status Fixed
Severity Critical
Type multiple issues
Affected 4.7.5-1
Fixed 4.7.6-1
Current 4.11.2-2 [testing]
4.10.10-2 [extra]
Ticket None
Created Tue Mar 13 12:43:54 2018
Issue Severity Remote Type Description
CVE-2018-1057 Critical Yes Access restriction bypass
On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts.
CVE-2018-1050 Medium Yes Denial of service
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external...
Date Advisory Package Description
13 Mar 2018 ASA-201803-10 samba multiple issues
References
https://lists.samba.org/archive/samba-announce/2018/000435.html