The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105081 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10919 | Issue Tracking Third Party Advisory |
https://security.gentoo.org/glsa/202003-52 | |
https://security.netapp.com/advisory/ntap-20180814-0001/ | Third Party Advisory |
https://usn.ubuntu.com/3738-1/ | Third Party Advisory |
https://www.debian.org/security/2018/dsa-4271 | Third Party Advisory |
https://www.samba.org/samba/security/CVE-2018-10919.html | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2018-08-22T17:00:00
Updated: 2020-03-25T18:06:12
Reserved: 2018-05-09T00:00:00
Link: CVE-2018-10919
JSON object: View
NVD Information
Status : Modified
Published: 2018-08-22T17:29:00.603
Modified: 2019-10-09T23:33:14.337
Link: CVE-2018-10919
JSON object: View
Redhat Information
No data.