CVE-2018-10858

Name
CVE-2018-10858
Description
A heap-buffer overflow was found in the way Samba clients processed extra-long filenames in a directory listing. A malicious Samba server could use this flaw to cause arbitrary code execution on a Samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
NVD Severity
high

References

| Type | URI |
| --- | --- |
| Vendor Advisory | https://www.samba.org/samba/security/CVE-2018-10858.html |
| Issue Tracking | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10858 |
| Third Party Advisory | https://www.debian.org/security/2018/dsa-4271 |
| Third Party Advisory | https://usn.ubuntu.com/3738-1/ |
| Third Party Advisory | https://security.netapp.com/advisory/ntap-20180814-0001/ |
| Third Party Advisory | http://www.securityfocus.com/bid/105085 |
| Third Party Advisory | https://access.redhat.com/errata/RHSA-2018:2613 |
| Third Party Advisory | https://access.redhat.com/errata/RHSA-2018:2612 |
| Third Party Advisory | https://access.redhat.com/errata/RHSA-2018:3056 |
| Third Party Advisory | https://access.redhat.com/errata/RHSA-2018:3470 |
| Third Party Advisory | http://www.securitytracker.com/id/1042002 |
| CONFIRM | https://kc.mcafee.com/corporate/index?page=content&id=SB10284 |
| GENTOO | https://security.gentoo.org/glsa/202003-52 |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | debian_linux | == None | == 9.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |