Test ID:	1.3.6.1.4.1.25623.1.0.843469
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3595-1)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the USN-3595-1 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the USN-3595-1 advisory. Vulnerability Insight: Bjorn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. (CVE-2018-1057) It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. (CVE-2018-1050) Affected Software/OS: 'samba' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 17.10. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1050 BugTraq ID: 103387 http://www.securityfocus.com/bid/103387 https://bugzilla.redhat.com/show_bug.cgi?id=1538771 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180313-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03834en_us https://www.samba.org/samba/security/CVE-2018-1050.html Debian Security Information: DSA-4135 (Google Search) https://www.debian.org/security/2018/dsa-4135 https://security.gentoo.org/glsa/201805-07 https://lists.debian.org/debian-lts-announce/2018/03/msg00024.html https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html RedHat Security Advisories: RHSA-2018:1860 https://access.redhat.com/errata/RHSA-2018:1860 RedHat Security Advisories: RHSA-2018:1883 https://access.redhat.com/errata/RHSA-2018:1883 RedHat Security Advisories: RHSA-2018:2612 https://access.redhat.com/errata/RHSA-2018:2612 RedHat Security Advisories: RHSA-2018:2613 https://access.redhat.com/errata/RHSA-2018:2613 RedHat Security Advisories: RHSA-2018:3056 https://access.redhat.com/errata/RHSA-2018:3056 http://www.securitytracker.com/id/1040493 https://usn.ubuntu.com/3595-1/ https://usn.ubuntu.com/3595-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1057 103382 http://www.securityfocus.com/bid/103382 1040494 http://www.securitytracker.com/id/1040494 DSA-4135 GLSA-201805-07 USN-3595-1 [debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update https://bugzilla.redhat.com/show_bug.cgi?id=1553553 https://www.samba.org/samba/security/CVE-2018-1057.html https://www.synology.com/support/security/Synology_SA_18_08
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.