Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0201
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0201)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2018-0201 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the MGASA-2018-0201 advisory. Vulnerability Insight: It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon (CVE-2018-1050). Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users passwords, including administrative users (CVE-2018-1057). Note that Mageia 5 was only affected by the CVE-2018-1050 issue. Affected Software/OS: 'samba' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1050 BugTraq ID: 103387 http://www.securityfocus.com/bid/103387 https://bugzilla.redhat.com/show_bug.cgi?id=1538771 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180313-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03834en_us https://www.samba.org/samba/security/CVE-2018-1050.html Debian Security Information: DSA-4135 (Google Search) https://www.debian.org/security/2018/dsa-4135 https://security.gentoo.org/glsa/201805-07 https://lists.debian.org/debian-lts-announce/2018/03/msg00024.html https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html RedHat Security Advisories: RHSA-2018:1860 https://access.redhat.com/errata/RHSA-2018:1860 RedHat Security Advisories: RHSA-2018:1883 https://access.redhat.com/errata/RHSA-2018:1883 RedHat Security Advisories: RHSA-2018:2612 https://access.redhat.com/errata/RHSA-2018:2612 RedHat Security Advisories: RHSA-2018:2613 https://access.redhat.com/errata/RHSA-2018:2613 RedHat Security Advisories: RHSA-2018:3056 https://access.redhat.com/errata/RHSA-2018:3056 http://www.securitytracker.com/id/1040493 https://usn.ubuntu.com/3595-1/ https://usn.ubuntu.com/3595-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1057 103382 http://www.securityfocus.com/bid/103382 1040494 http://www.securitytracker.com/id/1040494 DSA-4135 GLSA-201805-07 USN-3595-1 [debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update https://bugzilla.redhat.com/show_bug.cgi?id=1553553 https://www.samba.org/samba/security/CVE-2018-1057.html https://www.synology.com/support/security/Synology_SA_18_08
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.