ALT Linux Team

Package libldb update in p8 on 2019-09-10

ALT-PU-2019-2675-1

Package libldb updated to version 1.4.7-alt1 for branch p8 in task 233242.

Closed vulnerabilities

Published: 2019-02-01

BDU:2019-01412

Уязвимость функции ldb_wildcard_compare компонента LDAP пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM (4.0) Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
References:
Published: 2018-08-22

BDU:2020-00694

Уязвимость компонента LDAP-сервера программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: LOW (3.3) Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2018-08-22
Modified: 2024-11-21

CVE-2018-1140

A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable

Severity: LOW (3.3) Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-03-06
Modified: 2024-11-21

CVE-2019-3824

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.

Severity: MEDIUM (4.0) Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top