Unrated severityNVD Advisory· Published Jan 17, 2023· Updated Feb 13, 2025
CVE-2018-14628
CVE-2018-14628
Description
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
Affected products
44- Samba/LDAP serverdescription
- osv-coords43 versionspkg:apk/chainguard/libauth-sambapkg:apk/chainguard/libsmbclientpkg:apk/chainguard/libwbclientpkg:apk/chainguard/py3.13-sambapkg:apk/chainguard/sambapkg:apk/chainguard/samba-clientpkg:apk/chainguard/samba-commonpkg:apk/chainguard/samba-common-server-libspkg:apk/chainguard/samba-common-toolspkg:apk/chainguard/samba-devpkg:apk/chainguard/samba-libnss-winbindpkg:apk/chainguard/samba-libspkg:apk/chainguard/samba-libs-py3pkg:apk/chainguard/samba-pam-winbindpkg:apk/chainguard/samba-serverpkg:apk/chainguard/samba-server-libspkg:apk/chainguard/samba-testpkg:apk/chainguard/samba-util-libspkg:apk/chainguard/samba-winbind-clientspkg:apk/chainguard/samba-winbind-krb5-locatorpkg:apk/chainguard/winbindpkg:apk/wolfi/libauth-sambapkg:apk/wolfi/libsmbclientpkg:apk/wolfi/libwbclientpkg:apk/wolfi/py3.13-sambapkg:apk/wolfi/sambapkg:apk/wolfi/samba-clientpkg:apk/wolfi/samba-commonpkg:apk/wolfi/samba-common-server-libspkg:apk/wolfi/samba-common-toolspkg:apk/wolfi/samba-devpkg:apk/wolfi/samba-libnss-winbindpkg:apk/wolfi/samba-libspkg:apk/wolfi/samba-libs-py3pkg:apk/wolfi/samba-pam-winbindpkg:apk/wolfi/samba-serverpkg:apk/wolfi/samba-server-libspkg:apk/wolfi/samba-testpkg:apk/wolfi/samba-util-libspkg:apk/wolfi/samba-winbind-clientspkg:apk/wolfi/samba-winbind-krb5-locatorpkg:apk/wolfi/winbindpkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
< 4.23.2-r0+ 42 more
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.23.2-r0
- (no CPE)range: < 4.19.4+git.339.acf1ccaa020-1.1
Patches
22669b77d97b5VERSION: Disable GIT_SNAPSHOT for the 4.18.9 release.
1 file changed · +1 −1
VERSION+1 −1 modified@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname #
fcd094b208f9VERSION: Disable GIT_SNAPSHOT for the 4.19.3 release.
1 file changed · +1 −1
VERSION+1 −1 modified@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # ######################################################## -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no ######################################################## # This is for specifying a release nickname #
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- www.openwall.com/lists/oss-security/2023/11/28/4mitre
- bugzilla.redhat.com/show_bug.cgimitre
- bugzilla.samba.org/show_bug.cgimitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/mitre
News mentions
0No linked articles in our index yet.