SUSE-SU-2018:2318-1

Advisory lineage Upstream: 5 Downstream: 0

Upstream

CVE-2018-10858 CVE-2018-10918 CVE-2018-10919 CVE-2018-1139 CVE-2018-1140

Published: 14 Aug 2018, 09:53

Last modified:04 Feb 2026, 04:08

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Aug 2018, 09:53

Published

Vulnerability first disclosed

04 Feb 2026, 04:08

Last Modified

Vulnerability information updated

Description

Security update for samba This update for samba fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; (bsc#1095048) - CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes; (bsc#1095056) - CVE-2018-10919: Confidential attribute disclosure via substring search; (bsc#1095057) - CVE-2018-10858: smbc_urlencode helper function is a subject to buffer overflow; (bsc#1103411) - CVE-2018-10918: Fix NULL ptr dereference in DsCrackNames on a user without a SPN; (bsc#1103414)

Affected Systems

suse•samba&distro=SUSE Linux Enterprise High Availability Extension 15
< 4.7.8+git.86.94b6d10f7dd-4.15.1
suse•samba&distro=SUSE Linux Enterprise Module for Basesystem 15
< 4.7.8+git.86.94b6d10f7dd-4.15.1

SUSE-SU-2018:2318-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (11)