SB2018031319 - Arch Linux update for samba
Published: March 13, 2018
Security Bulletin ID
SB2018031319
Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Adjecent network
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2018-1050)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.The vulnerability exists due to improper input validation when processing RPC requests to the spoolss service. A remote attacker can send a specially crafted RPC request to the affected service and trigger denial of service conditions.
Successful exploitation of the vulnerability requires that the RPC spoolss service services is configured as external daemon.
2) Improper access control (CVE-ID: CVE-2018-1057)
The vulnerability allows a remote attacker to change password of arbitrary user on the server.The vulnerability exists due to insufficient validation of user rights when changing passwords. An authenticated attacker can send a specially crated LDAP request to the directory server and change password of arbitrary AD user, including administrative accounts.
Remediation
Install update from vendor's website.