usn-4167-1
Vulnerability from osv_ubuntu
Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. (CVE-2019-10218)
Simon Fonteneau and Björn Baumbach discovered that Samba incorrectly handled the check password script. This issue could possibly bypass custom password complexity checks, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.04, and Ubuntu 19.10. (CVE-2019-14833)
Adam Xu discovered that Samba incorrectly handled the dirsync LDAP control. A remote attacker with "get changes" permissions could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2019-14847)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2019-10218",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14847",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "libparse-pidl-perl",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "libsmbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "python-samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
},
{
"binary_name": "winbind",
"binary_version": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.3.11+dfsg-0ubuntu0.16.04.23?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.3.11+dfsg-0ubuntu0.16.04.23"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.1.17+dfsg-4ubuntu2",
"2:4.1.20+dfsg-1ubuntu1",
"2:4.1.20+dfsg-1ubuntu2",
"2:4.1.20+dfsg-1ubuntu3",
"2:4.1.20+dfsg-1ubuntu5",
"2:4.3.3+dfsg-1ubuntu1",
"2:4.3.3+dfsg-1ubuntu2",
"2:4.3.3+dfsg-1ubuntu3",
"2:4.3.6+dfsg-1ubuntu1",
"2:4.3.8+dfsg-0ubuntu1",
"2:4.3.9+dfsg-0ubuntu0.16.04.1",
"2:4.3.9+dfsg-0ubuntu0.16.04.2",
"2:4.3.9+dfsg-0ubuntu0.16.04.3",
"2:4.3.11+dfsg-0ubuntu0.16.04.1",
"2:4.3.11+dfsg-0ubuntu0.16.04.3",
"2:4.3.11+dfsg-0ubuntu0.16.04.5",
"2:4.3.11+dfsg-0ubuntu0.16.04.6",
"2:4.3.11+dfsg-0ubuntu0.16.04.7",
"2:4.3.11+dfsg-0ubuntu0.16.04.8",
"2:4.3.11+dfsg-0ubuntu0.16.04.9",
"2:4.3.11+dfsg-0ubuntu0.16.04.10",
"2:4.3.11+dfsg-0ubuntu0.16.04.11",
"2:4.3.11+dfsg-0ubuntu0.16.04.12",
"2:4.3.11+dfsg-0ubuntu0.16.04.13",
"2:4.3.11+dfsg-0ubuntu0.16.04.15",
"2:4.3.11+dfsg-0ubuntu0.16.04.16",
"2:4.3.11+dfsg-0ubuntu0.16.04.17",
"2:4.3.11+dfsg-0ubuntu0.16.04.18",
"2:4.3.11+dfsg-0ubuntu0.16.04.19",
"2:4.3.11+dfsg-0ubuntu0.16.04.20",
"2:4.3.11+dfsg-0ubuntu0.16.04.21"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2019-10218",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14833",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14847",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "libparse-pidl-perl",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "libsmbclient",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "python-samba",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
},
{
"binary_name": "winbind",
"binary_version": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.7.6+dfsg~ubuntu-0ubuntu2.13?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.7.6+dfsg~ubuntu-0ubuntu2.13"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.6.7+dfsg-1ubuntu3",
"2:4.7.1+dfsg-1ubuntu1",
"2:4.7.3+dfsg-1ubuntu1",
"2:4.7.4+dfsg-1ubuntu1",
"2:4.7.6+dfsg~ubuntu-0ubuntu1",
"2:4.7.6+dfsg~ubuntu-0ubuntu2",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.2",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.4",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.5",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.6",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.7",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.9",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.10",
"2:4.7.6+dfsg~ubuntu-0ubuntu2.11"
]
}
],
"aliases": [],
"details": "Michael Hanselmann discovered that the Samba client code incorrectly\nhandled path separators. If a user were tricked into connecting to a\nmalicious server, a remote attacker could use this issue to cause the\nclient to access local pathnames instead of network pathnames.\n(CVE-2019-10218)\n\nSimon Fonteneau and Bj\u00f6rn Baumbach discovered that Samba incorrectly\nhandled the check password script. This issue could possibly bypass custom\npassword complexity checks, contrary to expectations. This issue only\naffected Ubuntu 18.04 LTS, Ubuntu 19.04, and Ubuntu 19.10. (CVE-2019-14833)\n\nAdam Xu discovered that Samba incorrectly handled the dirsync LDAP control.\nA remote attacker with \"get changes\" permissions could possibly use this\nissue to cause Samba to crash, resulting in a denial of service.\n(CVE-2019-14847)\n",
"id": "USN-4167-1",
"modified": "2026-04-22T07:36:37Z",
"published": "2019-10-29T12:15:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-4167-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-10218"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14833"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14847"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "samba vulnerabilities",
"upstream": [
"UBUNTU-CVE-2019-10218",
"UBUNTU-CVE-2019-14833",
"UBUNTU-CVE-2019-14847"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.