CYBER NEWS

CVE-2018-1050, CVE-2018-1057 Samba Flaws Endanger Servers

Two critical vulnerabilities (CVE-2018-1050, CVE-2018-1057) have been discovered in Samba, the open-source software that is a re-implementation of the SMB networking protocol. The Samba software can run on popular operating systems such as Windows, Linux, UNIX, IBM System 390, OpenVMS.

Moreover, Samba enables operating systems like GNU/Linux ad Mac OS X to share network folders, files, and printers with Windows.

The bugs discovered in Samba could allow unprivileged remote users to carry out DoS attacks against the targeted servers. Also, attackers could also change other users’ passwords, admin passwords inclusive.

Related Story: CVE-2018-0141 Cisco Vulnerability Could Lead to Full System Control

CVE-2018-1050 Official Description

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

The DoS Samba bug affected all versions starting from Samba 4.0.0. it could be exploited when the RPC spoolss service is configured to be run as an external daemon, researchers explain.

CVE-2018-1057 Technical Details

This bug would allow unprivileged unauthenticated authenticated users to change the passwords of any other users, admins inclusive, via LDAP. This password reset vulnerability is present in all versions starting from 4.0.0. However, it only works in Samba Active Directory DC implementation.

This is because the bug doesn’t properly validate user permissions when it is requested to change passwords via LDAP, researchers clarify.

These two Samba vulnerabilities put many servers at risk of attacks as the software comes with a large number of Linux distros.

The good news is that Samba has addressed the two bugs with the release of Samba versions
4.7.6, 4.6.14, 4.5.16. It is highly advisable for administrators to update their vulnerable servers as soon as possible. Users running older versions of Samba may refer to this page for possibly available patches.

Related Story: CVE-2018-6789 Exim Flaw Exposes 400,000 Email Servers
Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...