CVE-2018-1050

LOW

Description

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

References

http://www.securityfocus.com/bid/103387

http://www.securitytracker.com/id/1040493

https://access.redhat.com/errata/RHSA-2018:1860

https://access.redhat.com/errata/RHSA-2018:1883

https://access.redhat.com/errata/RHSA-2018:2612

https://access.redhat.com/errata/RHSA-2018:2613

https://access.redhat.com/errata/RHSA-2018:3056

https://bugzilla.redhat.com/show_bug.cgi?id=1538771

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

https://lists.debian.org/debian-lts-announce/2018/03/msg00024.html

https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html

https://security.gentoo.org/glsa/201805-07

https://security.netapp.com/advisory/ntap-20180313-0001/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03834en_us

https://usn.ubuntu.com/3595-1/

https://usn.ubuntu.com/3595-2/

https://www.debian.org/security/2018/dsa-4135

https://www.samba.org/samba/security/CVE-2018-1050.html

Details

Source: MITRE

Published: 2018-03-13

Updated: 2020-12-04

Type: CWE-476

Risk Information

CVSS v2.0

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3.0

Base Score: 4.3

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Impact Score: 1.4

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:lts:*:*:*

Configuration 2

OR

cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (41 total)

IDNameProductFamilySeverity
127392NewStart CGSL MAIN 4.05 : samba Vulnerability (NS-SA-2019-0134)NessusNewStart CGSL Local Security Checks
low
127380NewStart CGSL MAIN 4.05 : samba4 Vulnerability (NS-SA-2019-0128)NessusNewStart CGSL Local Security Checks
low
127271NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0069)NessusNewStart CGSL Local Security Checks
medium
124911EulerOS Virtualization for ARM 64 3.0.1.0 : samba (EulerOS-SA-2019-1408)NessusHuawei Local Security Checks
high
124628EulerOS 2.0 SP3 : samba (EulerOS-SA-2019-1342)NessusHuawei Local Security Checks
medium
123959Debian DLA-1754-1 : samba security updateNessusDebian Local Security Checks
medium
123741EulerOS Virtualization 2.5.3 : samba (EulerOS-SA-2019-1273)NessusHuawei Local Security Checks
medium
123624EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)NessusHuawei Local Security Checks
medium
123599EulerOS 2.0 SP2 : samba (EulerOS-SA-2019-1125)NessusHuawei Local Security Checks
medium
121359Amazon Linux AMI : samba (ALAS-2018-1126)NessusAmazon Linux Local Security Checks
medium
121068Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)NessusJunos Local Security Checks
high
119781Amazon Linux 2 : samba (ALAS-2018-1126)NessusAmazon Linux Local Security Checks
medium
119691CentOS 7 : samba (CESA-2018:3056)NessusCentOS Local Security Checks
medium
119198Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)NessusScientific Linux Local Security Checks
medium
118766Oracle Linux 7 : samba (ELSA-2018-3056)NessusOracle Linux Local Security Checks
medium
118519RHEL 7 : samba (RHSA-2018:3056)NessusRed Hat Local Security Checks
medium
118282SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-2)NessusSuSE Local Security Checks
medium
117320RHEL 7 : Storage Server (RHSA-2018:2613)NessusRed Hat Local Security Checks
medium
117319RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)NessusRed Hat Local Security Checks
medium
111785SUSE SLES12 Security Update : samba (SUSE-SU-2018:2339-1)NessusSuSE Local Security Checks
medium
111742SUSE SLES12 Security Update : samba (SUSE-SU-2018:2321-1)NessusSuSE Local Security Checks
high
110891Scientific Linux Security Update : samba on SL6.x i386/x86_64 (20180619)NessusScientific Linux Local Security Checks
medium
110890Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20180619)NessusScientific Linux Local Security Checks
low
110705Oracle Linux 6 : samba4 (ELSA-2018-1883)NessusOracle Linux Local Security Checks
low
110702Oracle Linux 6 : samba (ELSA-2018-1860)NessusOracle Linux Local Security Checks
low
110649CentOS 6 : samba4 (CESA-2018:1883)NessusCentOS Local Security Checks
low
110646CentOS 6 : samba (CESA-2018:1860)NessusCentOS Local Security Checks
low
110604RHEL 6 : samba4 (RHSA-2018:1883)NessusRed Hat Local Security Checks
low
110601RHEL 6 : samba (RHSA-2018:1860)NessusRed Hat Local Security Checks
low
109974GLSA-201805-07 : Samba: Multiple vulnerabilities (SambaCry)NessusGentoo Local Security Checks
critical
108687SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:0832-1)NessusSuSE Local Security Checks
low
108661Debian DLA-1320-1 : samba security updateNessusDebian Local Security Checks
low
108630openSUSE Security Update : samba / talloc / tevent (openSUSE-2018-300)NessusSuSE Local Security Checks
low
108581SUSE SLES11 Security Update : samba (SUSE-SU-2018:0774-1)NessusSuSE Local Security Checks
low
108529SUSE SLED12 / SLES12 Security Update : samba, talloc, tevent (SUSE-SU-2018:0754-1)NessusSuSE Local Security Checks
low
108501Fedora 26 : 2:samba (2018-7d0acd608b)NessusFedora Local Security Checks
medium
108378Samba 4.5.x < 4.5.16 / 4.6.x < 4.6.14 / 4.7.x < 4.7.6 Multiple VulnerabilitiesNessusMisc.
medium
108349Fedora 27 : 2:samba / libldb (2018-c5c651ac44)NessusFedora Local Security Checks
medium
108335Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : Samba vulnerabilities (USN-3595-1)NessusUbuntu Local Security Checks
medium
108316FreeBSD : samba -- multiple vulnerabilities (fb26f78a-26a9-11e8-a1c2-00505689d4ae)NessusFreeBSD Local Security Checks
medium
108304Debian DSA-4135-1 : samba - security updateNessusDebian Local Security Checks
medium