Medium severity4.3NVD Advisory· Published Mar 13, 2018· Updated Jun 17, 2026
CVE-2018-1050
CVE-2018-1050
Description
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37>=4.0.0+ 1 more
- (no CPE)range: >=4.0.0
- (no CPE)range: All versions of Samba from 4.0.0 onwards
- osv-coords35 versionspkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/samba&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/samba-doc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/samba-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/talloc&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/talloc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/talloc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/talloc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/tevent&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/tevent&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/tevent&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/tevent&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 4.14.6+git.182.2205d5224e3-1.1+ 34 more
- (no CPE)range: < 4.14.6+git.182.2205d5224e3-1.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 4.2.4-18.49.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 3.6.3-94.11.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 4.2.4-18.49.1
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 3.6.3-94.11.1
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 3.6.3-94.11.1
- (no CPE)range: < 4.4.2-38.17.1
- (no CPE)range: < 4.6.13+git.72.2a684235f41-3.21.3
- (no CPE)range: < 4.2.4-28.29.1
- (no CPE)range: < 3.6.3-94.11.1
- (no CPE)range: < 3.6.3-94.11.1
- (no CPE)range: < 2.1.10-3.3.2
- (no CPE)range: < 2.1.10-3.3.2
- (no CPE)range: < 2.1.10-3.3.2
- (no CPE)range: < 2.1.10-3.3.2
- (no CPE)range: < 0.9.34-3.3.2
- (no CPE)range: < 0.9.34-3.3.2
- (no CPE)range: < 0.9.34-3.3.2
- (no CPE)range: < 0.9.34-3.3.2
Patches
Vulnerability mechanics
References
18- www.securityfocus.com/bid/103387nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040493nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:1860nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:1883nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2612nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2613nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3056nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/03/msg00024.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/04/msg00013.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201805-07nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20180313-0001/nvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- usn.ubuntu.com/3595-1/nvdThird Party Advisory
- usn.ubuntu.com/3595-2/nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4135nvdThird Party Advisory
- www.samba.org/samba/security/CVE-2018-1050.htmlnvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.