Ask the Community
Groups
CVE-2018-10858 samba: insufficient input validation in libsmbclient - Connect IT Community | Kaseya
<main> <article class="userContent"> <h3 data-id="summary"><strong>SUMMARY</strong></h3> <p>Not exposed</p> <h3 data-id="cve-id"><strong>CVE ID</strong></h3> <p>CVE-2018-10858</p> <h3 data-id="description"><strong>DESCRIPTION</strong></h3> <p>A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client.<br><br>CVSS3 Base Score 4.3<br>Public Date: 2018-08-16<br> </p> <h3 data-id="resolution"><strong>RESOLUTION</strong></h3> <p>Unitrends assessment: Not exposed (false positive)<br> Red Hat Enterprise Linux 6 samba is not affected.<br><br> </p> <h3 data-id="link-to-advisories"><strong>LINK TO ADVISORIES</strong></h3> <p></p> <ul><li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2Fcve-2018-10858%250D%250Ahttps%3A%2F%2Fnvd.nist.gov%2Fvuln%2Fdetail%2FCVE-2018-10858%250D%250Ahttps%3A%2F%2Fwww.samba.org%2Fsamba%2Fsecurity%2FCVE-2018-10858.html">https://access.redhat.com/security/cve/cve-2018-10858 https://nvd.nist.gov/vuln/detail/CVE-2018-10858 https://www.samba.org/samba/security/CVE-2018-10858.html</a></li></ul> </article> </main>