what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2018-1057

Status Candidate

Overview

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

Related Files

Watchguard AP100/AP102/AP200 1.2.9.15 Remote Code Execution
Posted Sep 15, 2018
Authored by Stephen Shkardoon | Site metasploit.com

Watchguard AP100/AP102/AP200 version 1.2.9.15 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 72c4e1b8e713ea2450edc6acb51612d5
Gentoo Linux Security Advisory 201805-07
Posted May 23, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201805-7 - Multiple vulnerabilities have been found in Samba, the worst of which may allow remote execution of arbitrary code. Versions less than 4.5.16 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2119, CVE-2017-14746, CVE-2017-15275, CVE-2017-7494, CVE-2018-1050, CVE-2018-1057
MD5 | 8dfc099790605ee6172b5f6d59c3cfe3
Watchguard Hard-Coded Credentials / Failed Controls
Posted May 3, 2018
Authored by Stephen Shkardoon

WatchGuard Access Points running firmware before version 1.2.9.15 suffer from hard-coded credential, hidden authentication, file upload, and incorrect validation vulnerabilities.

tags | exploit, vulnerability, file upload
advisories | CVE-2018-10575, CVE-2018-10576, CVE-2018-10577, CVE-2018-10578
MD5 | 2ce103fc55de9e6fbe94f48a5f490449
Samba 4.x Password Change
Posted Mar 14, 2018
Authored by Bjorn Baumbach | Site samba.org

On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts.

tags | advisory
advisories | CVE-2018-1057
MD5 | 3b6810bd48be05c7a1e4a015732305ed
Slackware Security Advisory - samba Updates
Posted Mar 14, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security a issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1057
MD5 | fcd071129a61e1cc9ffc4fc74786e3ad
Ubuntu Security Notice USN-3595-1
Posted Mar 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3595-1 - Bjorn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-1050, CVE-2018-1057
MD5 | 53ea89518cd086c2dabca11c525030fe
Debian Security Advisory 4135-1
Posted Mar 13, 2018
Authored by Debian | Site debian.org

1803-advisories/dsa-4135-1.txt 85b068ea50632a5111f3d300ea85c6bc Debian Linux Security Advisory 4135-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2018-1050, CVE-2018-1057
MD5 | 85b068ea50632a5111f3d300ea85c6bc
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close