USN-3595-1
- Source
- https://ubuntu.com/security/notices/USN-3595-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3595-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-3595-1
- Upstream
- Related
- Published
- 2018-03-13T14:28:15.192197Z
- Modified
- 2025-10-13T04:34:35Z
- Summary
- samba vulnerabilities
- Details
-
Björn Baumbach discovered that Samba incorrectly validated permissions when changing account passwords via LDAP. An authenticated attacker could use this issue to change the password of other users, including administrators, and perform actions as those users. (CVE-2018-1057)
It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to crash, resulting in a denial of service. (CVE-2018-1050)
- References
Affected packages
Ubuntu:14.04:LTS / samba
Package
- Name
- samba
- Purl
- pkg:deb/ubuntu/samba@2:4.3.11+dfsg-0ubuntu0.14.04.14?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2:4.3.11+dfsg-0ubuntu0.14.04.14
Affected versions
2:3.*
2:3.6.18-1ubuntu3
2:4.*
2:4.0.10+dfsg-4ubuntu2
2:4.0.13+dfsg-1ubuntu1
2:4.1.3+dfsg-2ubuntu2
2:4.1.3+dfsg-2ubuntu3
2:4.1.3+dfsg-2ubuntu4
2:4.1.3+dfsg-2ubuntu5
2:4.1.6+dfsg-1ubuntu1
2:4.1.6+dfsg-1ubuntu2
2:4.1.6+dfsg-1ubuntu2.14.04.1
2:4.1.6+dfsg-1ubuntu2.14.04.2
2:4.1.6+dfsg-1ubuntu2.14.04.3
2:4.1.6+dfsg-1ubuntu2.14.04.4
2:4.1.6+dfsg-1ubuntu2.14.04.5
2:4.1.6+dfsg-1ubuntu2.14.04.7
2:4.1.6+dfsg-1ubuntu2.14.04.8
2:4.1.6+dfsg-1ubuntu2.14.04.9
2:4.1.6+dfsg-1ubuntu2.14.04.11
2:4.1.6+dfsg-1ubuntu2.14.04.12
2:4.1.6+dfsg-1ubuntu2.14.04.13
2:4.3.8+dfsg-0ubuntu0.14.04.2
2:4.3.9+dfsg-0ubuntu0.14.04.1
2:4.3.9+dfsg-0ubuntu0.14.04.3
2:4.3.11+dfsg-0ubuntu0.14.04.1
2:4.3.11+dfsg-0ubuntu0.14.04.2
2:4.3.11+dfsg-0ubuntu0.14.04.3
2:4.3.11+dfsg-0ubuntu0.14.04.4
2:4.3.11+dfsg-0ubuntu0.14.04.6
2:4.3.11+dfsg-0ubuntu0.14.04.7
2:4.3.11+dfsg-0ubuntu0.14.04.8
2:4.3.11+dfsg-0ubuntu0.14.04.9
2:4.3.11+dfsg-0ubuntu0.14.04.10
2:4.3.11+dfsg-0ubuntu0.14.04.11
2:4.3.11+dfsg-0ubuntu0.14.04.12
2:4.3.11+dfsg-0ubuntu0.14.04.13
Ecosystem specific
{
"binaries": [
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libpam-smbpass",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libparse-pidl-perl",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libsmbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libsmbclient-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libsmbsharemodes-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libsmbsharemodes0",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libwbclient-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "python-samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
},
{
"binary_name": "winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.14.04.14"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:14.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2018-1050"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2018-1057"
}
]
}
Ubuntu:16.04:LTS / samba
Package
- Name
- samba
- Purl
- pkg:deb/ubuntu/samba@2:4.3.11+dfsg-0ubuntu0.16.04.13?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2:4.3.11+dfsg-0ubuntu0.16.04.13
Affected versions
2:4.*
2:4.1.17+dfsg-4ubuntu2
2:4.1.20+dfsg-1ubuntu1
2:4.1.20+dfsg-1ubuntu2
2:4.1.20+dfsg-1ubuntu3
2:4.1.20+dfsg-1ubuntu5
2:4.3.3+dfsg-1ubuntu1
2:4.3.3+dfsg-1ubuntu2
2:4.3.3+dfsg-1ubuntu3
2:4.3.6+dfsg-1ubuntu1
2:4.3.8+dfsg-0ubuntu1
2:4.3.9+dfsg-0ubuntu0.16.04.1
2:4.3.9+dfsg-0ubuntu0.16.04.2
2:4.3.9+dfsg-0ubuntu0.16.04.3
2:4.3.11+dfsg-0ubuntu0.16.04.1
2:4.3.11+dfsg-0ubuntu0.16.04.3
2:4.3.11+dfsg-0ubuntu0.16.04.5
2:4.3.11+dfsg-0ubuntu0.16.04.6
2:4.3.11+dfsg-0ubuntu0.16.04.7
2:4.3.11+dfsg-0ubuntu0.16.04.8
2:4.3.11+dfsg-0ubuntu0.16.04.9
2:4.3.11+dfsg-0ubuntu0.16.04.10
2:4.3.11+dfsg-0ubuntu0.16.04.11
2:4.3.11+dfsg-0ubuntu0.16.04.12
Ecosystem specific
{
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libparse-pidl-perl",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libsmbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libsmbclient-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libwbclient-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "python-samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-dev",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
},
{
"binary_name": "winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.13"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:16.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2018-1050"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2018-1057"
}
]
}