-
Notifications
You must be signed in to change notification settings - Fork 785
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
0620641
commit e1f0c0a
Showing
7 changed files
with
60 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2018-10918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918) | ||
![](https://img.shields.io/static/v1?label=Product&message=samba&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476&color=brighgreen) | ||
|
||
### Description | ||
|
||
A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://usn.ubuntu.com/3738-1/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2018-10919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919) | ||
![](https://img.shields.io/static/v1?label=Product&message=samba&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-203&color=brighgreen) | ||
|
||
### Description | ||
|
||
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://usn.ubuntu.com/3738-1/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2018-1139](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139) | ||
![](https://img.shields.io/static/v1?label=Product&message=samba&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20&color=brighgreen) | ||
|
||
### Description | ||
|
||
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://usn.ubuntu.com/3738-1/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters