Published: 22/08/2018 Updated: 09/10/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions prior to 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 14.04
debian debian linux 9.0
samba samba

Several security issues were fixed in Samba ...

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malicious Samba server to write to the clie ...

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions ...

CWE-200 https://www.samba.org/samba/security/CVE-2018-10919.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10919 https://www.debian.org/security/2018/dsa-4271 https://usn.ubuntu.com/3738-1/https://security.netapp.com/advisory/ntap-20180814-0001/http://www.securityfocus.com/bid/105081 https://security.gentoo.org/glsa/202003-52 https://usn.ubuntu.com/3738-1/https://nvd.nist.gov

CVE-2018-10919

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect