CVE-2018-14628: Fwd: Samba 4.19.3 Available for Download - addresses CVE-2018-14628
First published: Wed Sep 05 2018(Updated: )
All versions of Samba from 4.0.0 onwards are vulnerable to an information leak (compared with the established behaviour of Microsoft's Active Directory) when Samba is an Active Directory Domain Controller. Missing access control checks on the LDAP_SERVER_SHOW_DELETED_OID control in the DSDB database layer cause the LDAP server to disclose, to authenticated but not privileged users, the names and preserved attributes of deleted objects. (Microsoft AD simply does not return these objects on a search). No information that was hidden before the deletion is visible, but in Microsoft Active Directory the whole object is also not visible without administrative rights, whereas Samba allows read of limited set of attributes that are preserved after delete.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Samba | >=4.0.0 | |
| Fedoraproject Fedora | =37 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.samba.org/show_bug.cgi?id=13595
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2160799
- https://bugzilla.redhat.com/show_bug.cgi?id=1625445
- http://www.openwall.com/lists/oss-security/2023/11/28/4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/
Frequently Asked Questions
What is the vulnerability ID of this information leak vulnerability?
The vulnerability ID of this information leak vulnerability is CVE-2018-14628.
What is the affected software for this vulnerability?
The affected software for this vulnerability is Samba and Fedora.
What is the severity rating of CVE-2018-14628?
The severity rating of CVE-2018-14628 is medium (4.3).
How can an attacker exploit this vulnerability?
An authenticated but unprivileged attacker could exploit this vulnerability by discovering the names and preserved attributes of deleted objects in the LDAP store.
Are there any references for this vulnerability?
Yes, you can find references for this vulnerability at the following URLs: - [https://bugzilla.samba.org/show_bug.cgi?id=13595](https://bugzilla.samba.org/show_bug.cgi?id=13595) - [https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2160799](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2160799) - [https://bugzilla.redhat.com/show_bug.cgi?id=1625445](https://bugzilla.redhat.com/show_bug.cgi?id=1625445)
- collector/nvd-index
- collector/oss-sec
- alias/CVE-2018-14628
- collector/nvd-api
- agent/author
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/weakness
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- vendor/samba
- canonical/samba samba
- version/samba samba/4.0.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37