An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
References
Configurations
History
22 Jan 2025, 16:10
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| References | () https://bugzilla.samba.org/show_bug.cgi?id=13595 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
| References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/ - Patch, Third Party Advisory | |
| References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/ - Patch, Third Party Advisory | |
| References | () http://www.openwall.com/lists/oss-security/2023/11/28/4 - Mailing List | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=1625445 - Exploit, Issue Tracking, Patch, Third Party Advisory |
04 Dec 2023, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
02 Dec 2023, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
28 Nov 2023, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Information
Published : 2023-01-17 18:15
Updated : 2025-01-22 16:10
NVD link : CVE-2018-14628
Mitre link : CVE-2018-14628
JSON object : View
Products Affected
samba
- samba
fedoraproject
- fedora
CWE
CWE-862
Missing Authorization