CVE-2018-14628

Published: Jan 17, 2023

Modified: Feb 13, 2025

PUBLISHED

Description

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.

Vendor	Product	Versions
n/a	Samba	affected `All versions from 4.0.0 onwards`

Weaknesses (CWE)

CWE-862

References

https://bugzilla.samba.org/show_bug.cgi?id=13595

https://bugzilla.redhat.com/show_bug.cgi?id=1625445

http://www.openwall.com/lists/oss-security/2023/11/28/4

https://lists.fedoraproject.org/archives/list/[email protected]/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-14628

Description

Affected Products

Weaknesses (CWE)

References