Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-16853

Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 4.3
Products affected by CVE-2018-16853
  • Samba » Samba » Version: 4.7.0
    cpe:2.3:a:samba:samba:4.7.0
  • Samba » Samba » Version: 4.7.1
    cpe:2.3:a:samba:samba:4.7.1
  • Samba » Samba » Version: 4.7.10
    cpe:2.3:a:samba:samba:4.7.10
  • Samba » Samba » Version: 4.7.11
    cpe:2.3:a:samba:samba:4.7.11
  • Samba » Samba » Version: 4.7.2
    cpe:2.3:a:samba:samba:4.7.2
  • Samba » Samba » Version: 4.7.3
    cpe:2.3:a:samba:samba:4.7.3
  • Samba » Samba » Version: 4.7.4
    cpe:2.3:a:samba:samba:4.7.4
  • Samba » Samba » Version: 4.7.5
    cpe:2.3:a:samba:samba:4.7.5
  • Samba » Samba » Version: 4.7.6
    cpe:2.3:a:samba:samba:4.7.6
  • Samba » Samba » Version: 4.7.7
    cpe:2.3:a:samba:samba:4.7.7
  • Samba » Samba » Version: 4.7.8
    cpe:2.3:a:samba:samba:4.7.8
  • Samba » Samba » Version: 4.7.9
    cpe:2.3:a:samba:samba:4.7.9
  • Samba » Samba » Version: 4.8.0
    cpe:2.3:a:samba:samba:4.8.0
  • Samba » Samba » Version: 4.8.1
    cpe:2.3:a:samba:samba:4.8.1
  • Samba » Samba » Version: 4.8.2
    cpe:2.3:a:samba:samba:4.8.2
  • Samba » Samba » Version: 4.8.3
    cpe:2.3:a:samba:samba:4.8.3
  • Samba » Samba » Version: 4.8.4
    cpe:2.3:a:samba:samba:4.8.4
  • Samba » Samba » Version: 4.8.5
    cpe:2.3:a:samba:samba:4.8.5
  • Samba » Samba » Version: 4.8.6
    cpe:2.3:a:samba:samba:4.8.6
  • Samba » Samba » Version: 4.9.0
    cpe:2.3:a:samba:samba:4.9.0
  • Samba » Samba » Version: 4.9.1
    cpe:2.3:a:samba:samba:4.9.1
  • Samba » Samba » Version: 4.9.2
    cpe:2.3:a:samba:samba:4.9.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved