Lucene search

K

RedhatCVELIST:CVE-2018-1050

HistoryMar 13, 2018 - 12:00 a.m.

CVE-2018-1050

2018-03-1300:00:00

CWE-476

redhat

www.cve.org

3

6.3 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

CNA Affected

[
  {
    "product": "Samba",
    "vendor": "Samba",
    "versions": [
      {
        "status": "affected",
        "version": "All versions of Samba from 4.0.0 onwards"
      }
    ]
  }
]

References

www.securityfocus.com/bid/103387

www.securitytracker.com/id/1040493

access.redhat.com/errata/RHSA-2018:1860

access.redhat.com/errata/RHSA-2018:1883

access.redhat.com/errata/RHSA-2018:2612

access.redhat.com/errata/RHSA-2018:2613

access.redhat.com/errata/RHSA-2018:3056

bugzilla.redhat.com/show_bug.cgi?id=1538771

help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

lists.debian.org/debian-lts-announce/2018/03/msg00024.html

lists.debian.org/debian-lts-announce/2019/04/msg00013.html

security.gentoo.org/glsa/201805-07

security.netapp.com/advisory/ntap-20180313-0001/

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03834en_us

usn.ubuntu.com/3595-1/

usn.ubuntu.com/3595-2/

www.debian.org/security/2018/dsa-4135

www.samba.org/samba/security/CVE-2018-1050.html

6.3 Medium

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

Related for CVELIST:CVE-2018-1050