CVE-2018-10858

2018-08-2217:29:00

Google

osv.dev

8.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.3%

JSON

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

CPENameOperatorVersion
sambaeq3.6.1-r0
sambaeq3.5.6-r0
sambaeq4.8.1-r0
sambaeq4.1.15-r0
sambaeq4.1.2-r0
sambaeq4.1.11-r0
sambaeq4.7.6-r0
sambaeq3.6.3-r0
sambaeq4.4.3-r0
sambaeq4.6.4-r0

Name	Operator	Version
samba	eq	3.6.1-r0
samba	eq	3.5.6-r0
samba	eq	4.8.1-r0
samba	eq	4.1.15-r0
samba	eq	4.1.2-r0
samba	eq	4.1.11-r0
samba	eq	4.7.6-r0
samba	eq	3.6.3-r0
samba	eq	4.4.3-r0
samba	eq	4.6.4-r0