Ubuntu security notices
USN-4167-2: Samba vulnerabilities
USN-4167-2: Samba vulnerabilities samba vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Several security issues were fixed in Samba. Software Description samba – SMB/CIFS file, print, and login server for Unix Details USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. (CVE-2019-10218) Adam Xu discovered that Samba incorrectly handled the dirsync LDAP control. A remote attacker with "get changes" permissions could possibly use this issue to cause Samba to crash, resulting in a [ more… ]