VDB

GCVE-VVD-MAGEIA-2018-201

GCVE-VVD-MAGEIA-2018-201
Advisory Published
Vulnetix · Advisory published April 13, 2018
It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon (CVE-2018-1050). Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users passwords, including administrative users (CVE-2018-1057). Note that Mageia 5 was only affected by the CVE-2018-1050 issue.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiasamba0 (affected), 3.6.25-2.9.mga5 (unaffected)
Mageiasamba0 (affected), 4.6.12-1.1.mga6 (unaffected)

Aliases

CVE-2018-1057

Transitive aliases

BDU:2018-00368VVD-GENTOO-2018-650382EUVD-2018-11710GHSA-6r4h-vw53-wmvv

References

Updated samba packages fix security vulnerabilities
advisory
Updated samba packages fix security vulnerabilities
issue
Updated samba packages fix security vulnerabilities
issue
Updated samba packages fix security vulnerabilities
issue
Updated samba packages fix security vulnerabilities
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›