Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.2.2019.2484

Category: Huawei EulerOS Local Security Checks

Title: Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)

Summary: The remote host is missing an update for the Huawei EulerOS 'samba' package(s) announced via the EulerOS-SA-2019-2484 advisory.

Description: Summary:
The remote host is missing an update for the Huawei EulerOS 'samba' package(s) announced via the EulerOS-SA-2019-2484 advisory.

Vulnerability Insight:
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10919)

Affected Software/OS:
'samba' package(s) on Huawei EulerOS V2.0SP2.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-10919
BugTraq ID: 105081
http://www.securityfocus.com/bid/105081
Debian Security Information: DSA-4271 (Google Search)
https://www.debian.org/security/2018/dsa-4271
https://security.gentoo.org/glsa/202003-52
https://usn.ubuntu.com/3738-1/

Copyright Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.2.2019.2484
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)
Summary:	The remote host is missing an update for the Huawei EulerOS 'samba' package(s) announced via the EulerOS-SA-2019-2484 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'samba' package(s) announced via the EulerOS-SA-2019-2484 advisory. Vulnerability Insight: The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.(CVE-2018-10919) Affected Software/OS: 'samba' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10919 BugTraq ID: 105081 http://www.securityfocus.com/bid/105081 Debian Security Information: DSA-4271 (Google Search) https://www.debian.org/security/2018/dsa-4271 https://security.gentoo.org/glsa/202003-52 https://usn.ubuntu.com/3738-1/
Copyright	Copyright (C) 2020 Greenbone AG