CVE-2018-1050 - log back

CVE-2018-1050 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
References
+ https://www.samba.org/samba/security/CVE-2018-1050.html
+ https://github.com/samba-team/samba/commit/c41895be8222199ffe69749e32afc9946517f63f
Notes
+ There is no known vulnerability associated with this error, merely a
+ denial of service. If the RPC spoolss service is left by default as an
+ internal service, all a client can do is crash its own authenticated
+ connection.