vulnerability
Red Hat: CVE-2018-1050: Low: samba security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:A/AC:L/Au:N/C:N/I:N/A:P) | Mar 13, 2018 | Jun 20, 2018 | Mar 3, 2021 |
Severity
3
CVSS
(AV:A/AC:L/Au:N/C:N/I:N/A:P)
Published
Mar 13, 2018
Added
Jun 20, 2018
Modified
Mar 3, 2021
Description
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
Solutions
redhat-upgrade-libsmbclientredhat-upgrade-libsmbclient-develredhat-upgrade-libwbclientredhat-upgrade-libwbclient-develredhat-upgrade-sambaredhat-upgrade-samba-clientredhat-upgrade-samba-client-libsredhat-upgrade-samba-commonredhat-upgrade-samba-common-libsredhat-upgrade-samba-common-toolsredhat-upgrade-samba-dcredhat-upgrade-samba-dc-libsredhat-upgrade-samba-debuginforedhat-upgrade-samba-develredhat-upgrade-samba-docredhat-upgrade-samba-domainjoin-guiredhat-upgrade-samba-glusterfsredhat-upgrade-samba-krb5-printingredhat-upgrade-samba-libsredhat-upgrade-samba-pidlredhat-upgrade-samba-pythonredhat-upgrade-samba-python-testredhat-upgrade-samba-swatredhat-upgrade-samba-testredhat-upgrade-samba-test-libsredhat-upgrade-samba-vfs-glusterfsredhat-upgrade-samba-winbindredhat-upgrade-samba-winbind-clientsredhat-upgrade-samba-winbind-develredhat-upgrade-samba-winbind-krb5-locatorredhat-upgrade-samba-winbind-modulesredhat-upgrade-samba4redhat-upgrade-samba4-clientredhat-upgrade-samba4-commonredhat-upgrade-samba4-dcredhat-upgrade-samba4-dc-libsredhat-upgrade-samba4-debuginforedhat-upgrade-samba4-develredhat-upgrade-samba4-libsredhat-upgrade-samba4-pidlredhat-upgrade-samba4-pythonredhat-upgrade-samba4-testredhat-upgrade-samba4-winbindredhat-upgrade-samba4-winbind-clientsredhat-upgrade-samba4-winbind-krb5-locator
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.