SB2018062017 - Red Hat update for samba
Published: June 20, 2018
Security Bulletin ID
SB2018062017
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper input validation (CVE-ID: CVE-2018-1050)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.The vulnerability exists due to improper input validation when processing RPC requests to the spoolss service. A remote attacker can send a specially crafted RPC request to the affected service and trigger denial of service conditions.
Successful exploitation of the vulnerability requires that the RPC spoolss service services is configured as external daemon.
Remediation
Install update from vendor's website.