CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2018-16851 – Debian Security Advisory 4345-1
https://notcve.org/view.php?id=CVE-2018-16851
27 Nov 2018 — Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service. Samba, desd... • http://www.securityfocus.com/bid/106027 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-16841 – Debian Security Advisory 4345-1
https://notcve.org/view.php?id=CVE-2018-16841
27 Nov 2018 — Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the ... • http://www.securityfocus.com/bid/106023 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-14629 – Debian Security Advisory 4345-1
https://notcve.org/view.php?id=CVE-2018-14629
27 Nov 2018 — A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service. Se ha descubierto una vulnerabilidad de denegación de servicio (DoS) en el servidor LDAP de Samba en versiones anteriores a la 4.7.12, 4.8.7, y 4.9.3. Un bucle CNAME podría conducir a una recursión infinita en el servidor. • http://www.securityfocus.com/bid/106022 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •