CVE-2018-14628
N/A
N/A
Summary
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Samba | All versions from 4.0.0 onwards | affected |
Weaknesses
- CWE-862: CWE-862
ADP Enrichment
CVE Program Container
Additional References
- https://security.netapp.com/advisory/ntap-20230223-0008/
- https://bugzilla.samba.org/show_bug.cgi?id=13595
- https://bugzilla.redhat.com/show_bug.cgi?id=1625445
- http://www.openwall.com/lists/oss-security/2023/11/28/4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/
References
- https://bugzilla.samba.org/show_bug.cgi?id=13595
- https://bugzilla.redhat.com/show_bug.cgi?id=1625445
- http://www.openwall.com/lists/oss-security/2023/11/28/4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.