DSA-4271-1 samba -- samba
|ID: oval:org.secpod.oval:def:603486||Date: (C)2018-08-16 (M)2019-02-06|
|Class: PATCH||Family: unix|
Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malicious Samba server to write to the client"s heap memory. CVE-2018-10919 Phillip Kuhrt discovered that Samba when acting as an Active Domain controller disclosed some sensitive attributes.