PT-2018-3369 · Samba+3 · Samba+3

Publicado

2018-08-14

Atualizado

2024-06-15

CVE-2018-10918

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.7.9 Samba versions prior to 4.8.4

Description: The issue is related to a null pointer dereference flaw in the way Samba checks database outputs from the LDB database layer. This flaw can be exploited by an authenticated attacker to crash a Samba server, particularly in an Active Directory Domain Controller configuration, leading to a denial of service.

Recommendations: For Samba versions prior to 4.7.9, update to version 4.7.9 or later to resolve the issue. For Samba versions prior to 4.8.4, update to version 4.8.4 or later to resolve the issue.

Exploit

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2018-2167

ALT-PU-2018-2168

ALT-PU-2018-2488

ALT-PU-2018-2489

BDU:2020-00691

CVE-2018-10918

ECHO-86F7-6F5C-037E

OPENSUSE-SU-2018_2400-1

OPENSUSE-SU-2024:11365-1

SUSE-SU-2018:2318-1

USN-3738-1

Produtos afetados

Alt Linux

Samba

Suse

Ubuntu

PT-2018-3369 · Samba+3 · Samba+3

CVE-2018-10918

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 104