CVE-2018-14628

Name
CVE-2018-14628
Description
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.samba.org/show_bug.cgi?id=13595
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1625445

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* samba >= 4.0.0 <= None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
samba 3.16-main 4.15.7-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
samba 3.15-main 4.15.13-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
samba 3.14-main 4.14.14-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
samba 3.17-main 4.16.10-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
samba edge-main 4.18.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
samba 3.18-main 4.18.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable