Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-3827-2)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.12.2018.3827.2

Category: Ubuntu Local Security Checks

Title: Ubuntu: Security Advisory (USN-3827-2)

Summary: The remote host is missing an update for the 'samba' package(s) announced via the USN-3827-2 advisory.

Description: Summary:
The remote host is missing an update for the 'samba' package(s) announced via the USN-3827-2 advisory.

Vulnerability Insight:
USN-3827-1 fixed a vulnerability in samba. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Florian Stuelpner discovered that Samba incorrectly handled CNAME records.
A remote attacker could use this issue to cause Samba to crash, resulting
in a denial of service. (CVE-2018-14629)

Alex MacCuish discovered that Samba incorrectly handled memory when
configured to accept smart-card authentication. A remote attacker could
possibly use this issue to cause Samba to crash, resulting in a denial of
service. (CVE-2018-16841)

Garming Sam discovered that Samba incorrectly handled memory when
processing LDAP searches. A remote attacker could possibly use this issue
to cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)

Affected Software/OS:
'samba' package(s) on Ubuntu 12.04.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-14629
BugTraq ID: 106022
http://www.securityfocus.com/bid/106022
Debian Security Information: DSA-4345 (Google Search)
https://www.debian.org/security/2018/dsa-4345
https://security.gentoo.org/glsa/202003-52
https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html
https://usn.ubuntu.com/3827-1/
https://usn.ubuntu.com/3827-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-16841
BugTraq ID: 106023
http://www.securityfocus.com/bid/106023
Common Vulnerability Exposure (CVE) ID: CVE-2018-16851
BugTraq ID: 106027
http://www.securityfocus.com/bid/106027

Copyright Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.12.2018.3827.2
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3827-2)
Summary:	The remote host is missing an update for the 'samba' package(s) announced via the USN-3827-2 advisory.
Description:	Summary: The remote host is missing an update for the 'samba' package(s) announced via the USN-3827-2 advisory. Vulnerability Insight: USN-3827-1 fixed a vulnerability in samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-14629) Alex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16841) Garming Sam discovered that Samba incorrectly handled memory when processing LDAP searches. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16851) Affected Software/OS: 'samba' package(s) on Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14629 BugTraq ID: 106022 http://www.securityfocus.com/bid/106022 Debian Security Information: DSA-4345 (Google Search) https://www.debian.org/security/2018/dsa-4345 https://security.gentoo.org/glsa/202003-52 https://lists.debian.org/debian-lts-announce/2018/12/msg00005.html https://usn.ubuntu.com/3827-1/ https://usn.ubuntu.com/3827-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-16841 BugTraq ID: 106023 http://www.securityfocus.com/bid/106023 Common Vulnerability Exposure (CVE) ID: CVE-2018-16851 BugTraq ID: 106027 http://www.securityfocus.com/bid/106027
Copyright	Copyright (C) 2022 Greenbone AG