A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.
Find out more about CVE-2018-1050 from the MITRE CVE dictionary dictionary and NIST NVD.
| CVSS3 Base Score | 4.3 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| Attack Vector | Adjacent Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity Impact | None |
| Availability Impact | Low |
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Gluster Storage 3.4 for RHEL 7 (samba) | RHSA-2018:2613 | 2018-09-04 |
| Red Hat Enterprise Linux 6 (samba4) | RHSA-2018:1883 | 2018-06-19 |
| Red Hat Enterprise Linux 6 (samba) | RHSA-2018:1860 | 2018-06-19 |
| Red Hat Gluster Storage 3.4 for RHEL 6 (samba) | RHSA-2018:2612 | 2018-09-04 |
| Red Hat Enterprise Linux 7 (samba) | RHSA-2018:3056 | 2018-10-30 |
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 5 | samba | Not affected |
| Red Hat Enterprise Linux 5 | samba3x | Not affected |
Ensure the paramter:
rpc_server:spoolss = external
is not set in the [global] section of your smb.conf.
Vulmon