CVE-2018-1140
published 2018-08-22CVE-2018-1140: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial…
PriorityP334medium6.5CVSS 3.0
AVAACLPRNUINSUCNINAH
EPSS
10.84%
95.3th percentile
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | samba | < samba 2:4.8.4+dfsg-1 (bookworm) | samba 2:4.8.4+dfsg-1 (bookworm) |
| samba | samba | >= 0 < 2:4.8.4+dfsg-1 | 2:4.8.4+dfsg-1 |
| samba | samba | >= 0 < 2:4.8.4+dfsg-1 | 2:4.8.4+dfsg-1 |
| samba | samba | >= 0 < 2:4.8.4+dfsg-1 | 2:4.8.4+dfsg-1 |
| samba | samba | >= 0 < 2:4.8.4+dfsg-1 | 2:4.8.4+dfsg-1 |
| samba | samba | >= 4.8.0 < 4.8.4 | 4.8.4 |
| the_samba_team | samba | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.03.3LOWAV:A/AC:L/Au:N/C:N/I:N/A:P
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
libldb: LDAP server crash via distinguishedName
vendor_redhat·2018-08-16·CVSS 6.5
CVE-2018-1140 [MEDIUM] CWE-20 libldb: LDAP server crash via distinguishedName
libldb: LDAP server crash via distinguishedName
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller.
Statement: This flaw only affects libldb/samba when configured as Active Directory Domain Controller. Versions of samba in Red Hat Enterprise Linux 6 and 7 do not support this configuration and therefore are not aff
Debian
CVE-2018-1140: samba - A missing input sanitization flaw was found in the implementation of LDP databas...
vendor_debian·2018·CVSS 6.5
CVE-2018-1140 [MEDIUM] CVE-2018-1140: samba - A missing input sanitization flaw was found in the implementation of LDP databas...
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
Scope: local
bookworm: resolved (fixed in 2:4.8.4+dfsg-1)
bullseye: resolved (fixed in 2:4.8.4+dfsg-1)
forky: resolved (fixed in 2:4.8.4+dfsg-1)
sid: resolved (fixed in 2:4.8.4+dfsg-1)
trixie: resolved (fixed in 2:4.8.4+dfsg-1)
GHSA
GHSA-7rxg-m3xw-pq9p: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server
ghsa_unreviewed·2022-05-13
CVE-2018-1140 [MEDIUM] CWE-20 GHSA-7rxg-m3xw-pq9p: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
OSV
CVE-2018-1140: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server
osv·2018-08-22·CVSS 6.5
CVE-2018-1140 [MEDIUM] CVE-2018-1140: A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-1140 libldb: samba: LDAP server crash via distinguishedName [fedora-all]
bugzilla·2018-08-17·CVSS 6.5
CVE-2018-1140 [MEDIUM] CVE-2018-1140 libldb: samba: LDAP server crash via distinguishedName [fedora-all]
CVE-2018-1140 libldb: samba: LDAP server crash via distinguishedName [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported vers
Bugzilla
CVE-2018-1140 libldb: LDAP server crash via distinguishedName
bugzilla·2018-05-21·CVSS 6.5
CVE-2018-1140 [MEDIUM] CVE-2018-1140 libldb: LDAP server crash via distinguishedName
CVE-2018-1140 libldb: LDAP server crash via distinguishedName
As per upstream advisory:
All versions of Samba from 4.8.0 onwards are vulnerable to a denial of service attack when Samba is an Active Directory Domain Controller.
Missing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.
There is no further vulnerability associated with this error, merely a denial of service.
Discussion:
External Reference:
https://www.samba.org/samba/security/CVE-2018-1140.html
https://bugzilla.samba.org/show_bug.cgi?id=13374
---
Acknowledgments:
Name: Laurent Debomy, Andrej Gessel and Kai Blin (The samba project)
---
Created libldb tracking bugs for this issue:
Affects: fedora-all [bug 1618
http://www.securityfocus.com/bid/105082https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1140https://bugzilla.samba.org/show_bug.cgi?id=13374https://security.gentoo.org/glsa/202003-52https://security.netapp.com/advisory/ntap-20180814-0001/https://www.samba.org/samba/security/CVE-2018-1140.htmlhttp://www.securityfocus.com/bid/105082https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1140https://bugzilla.samba.org/show_bug.cgi?id=13374https://security.gentoo.org/glsa/202003-52https://security.netapp.com/advisory/ntap-20180814-0001/https://www.samba.org/samba/security/CVE-2018-1140.html
2018-08-22
Published