Samba Authenticated DRSUAPI RPC Service Denial of Service Vulnerability [CVE-2018-10918]
CVE Number – CVE-2018-10918
A vulnerability in Samba could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to insufficient NULL pointer checks on user-supplied input in parameters to DRSUAPI remote procedure call (RPC) requests by the affected software. An attacker could exploit this vulnerability by sending crafted RPC requests to a targeted Active Directory domain controller (AD DC). A successful exploit could lead to a NULL pointer dereference error and cause the AD DC samba process to crash, resulting in a DoS condition.
Samba.org confirmed the vulnerability and released patches.
-
To exploit this vulnerability, the attacker must be on the same physical or logical network to make crafted RPC requests to a targeted AD DC, making exploitation more difficult in environments that restrict network access from untrusted sources.
-
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators are advised to monitor affected systems.
-
Samba.org released a security announcement at the following link: CVE-2018-10918
-
Samba.org released patches at the following link: Samba Security Releases
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.