SecuritySpace - CVE-2018-16857

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2018-16857

Description: Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this issue is with regards to domains that have been upgraded from Samba 4.8 and earlier. In these cases the manual testing done to confirm an organisation's password policies apply as expected may not have been re-done after the upgrade.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-16857
BugTraq ID: 106024
http://www.securityfocus.com/bid/106024
https://security.gentoo.org/glsa/202003-52

CVE ID:	CVE-2018-16857
Description:	Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this issue is with regards to domains that have been upgraded from Samba 4.8 and earlier. In these cases the manual testing done to confirm an organisation's password policies apply as expected may not have been re-done after the upgrade.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16857 BugTraq ID: 106024 http://www.securityfocus.com/bid/106024 https://security.gentoo.org/glsa/202003-52