CVE-2018-1050NULL Pointer Dereference in Samba

CWE-476NULL Pointer Dereference15 documents9 sources
Severity
4.3MEDIUMNVD
EPSS
22.4%
top 4.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
SambaDebian SambaCanonical Ubuntu Linux+7 more
Timeline
PublishedMar 13
Latest updateMay 13

Description

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages11 packages

NVDsamba/samba3.6.04.5.16+2
debiandebian/samba< samba 2:4.7.4+dfsg-2 (bookworm)
Debiansamba/samba< 2:4.7.4+dfsg-2+3
Ubuntusamba/samba< 2:4.3.11+dfsg-0ubuntu0.14.04.14+1
CVEListV5samba/sambaAll versions of Samba from 4.0.0 onwards

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 17.10

🔴Vulnerability Details

3
GHSA
GHSA-mfgj-gxgx-gcc4: All versions of Samba from 42022-05-13
OSV
CVE-2018-1050: All versions of Samba from 42018-03-13
OSV
samba vulnerabilities2018-03-13

💥Exploits & PoCs

1
Exploit-DB
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting2018-03-30

📋Vendor Advisories

5
Ubuntu
Samba vulnerability2018-03-23
Microsoft
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on s2018-03-13
Ubuntu
Samba vulnerabilities2018-03-13
Red Hat
samba: NULL pointer dereference in printer server process2018-03-13
Debian
CVE-2018-1050: samba - All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service a...2018

💬Community

5
Bugzilla
CVE-2018-4700 cups: Predictable session cookie breaks CSRF protection2018-11-13
Bugzilla
CVE-2018-17966 ImageMagick: memory leak in WritePDBImage in coders/pdb.c2018-10-05
Bugzilla
CVE-2018-4181 cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root2018-07-23
Bugzilla
CVE-2018-1050 samba: Null pointer indirection in printer server process [fedora-all]2018-03-13
Bugzilla
CVE-2018-1050 samba: NULL pointer dereference in printer server process2018-01-25