PT-2018-3370 · Samba Team+4 · Samba+3

Publicado

2018-08-14

Atualizado

2025-02-13

CVE-2018-10919

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.6.16 Samba versions prior to 4.7.9 Samba versions prior to 4.8.4

Description: The Samba Active Directory LDAP server has an information disclosure flaw due to missing access control checks. An authenticated attacker can exploit this issue to extract confidential attribute values using LDAP search expressions.

Recommendations: For versions prior to 4.6.16, update to version 4.6.16 or later. For versions prior to 4.7.9, update to version 4.7.9 or later. For versions prior to 4.8.4, update to version 4.8.4 or later.

Exploit

Correção

Information Disclosure

Side Channel Attack

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-203

Identificadores relacionados

ALT-PU-2018-2167

ALT-PU-2018-2168

ALT-PU-2018-2488

ALT-PU-2018-2489

ALT-PU-2023-1618

ALT-PU-2023-1808

ALT-PU-2023-7794

ALT-PU-2024-12484

ALT-PU-2024-14683

BDU:2020-00692

CVE-2018-10919

DLA-1539-1

DSA-4271-1

ECHO-9966-DA92-510A

MGASA-2018-0424

OPENSUSE-SU-2018_2400-1

OPENSUSE-SU-2018_3211-1

OPENSUSE-SU-2024:11365-1

SUSE-SU-2018:2318-1

SUSE-SU-2018:3161-1

SUSE-SU-2018_3161-1

USN-3738-1

Produtos afetados

Alt Linux

Samba

Suse

Ubuntu

PT-2018-3370 · Samba Team+4 · Samba+3

CVE-2018-10919

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 124