Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS.
Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system.
The denial of service vulnerability, assigned CVE-2018-1050, affects all versions of Samba from 4.0.0 onwards and could be exploited "when the RPC spoolss service is configured to be run as an external daemon."
"Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. If the RPC spoolss service is left by default as an internal service, all a client can do is crash its own authenticated connection." Samba advisory says.
The second vulnerability, assigned CVE-2018-1057, allows unprivileged authenticated users to change any other users' passwords, including admin users, over LDAP.
Password reset flaw exists on all versions of Samba from 4.0.0 onwards, but works only in Samba Active Directory DC implementation, as it doesn't properly validate permissions of users when they request to modify passwords over LDAP.
Discover the Hidden Dangers of Third-Party SaaS Apps
Are you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.RESERVE YOUR SEAT
A large number of servers might potentially be at risk, because Samba ships with a wide range of Linux distributions.
The maintainers of Samba have addressed both vulnerabilities with the release of new Samba versions 4.7.6, 4.6.14, 4.5.16 and have advised administrators to update vulnerable servers immediately.
If you are running an older version of Samba, check this page for contributed patches, if available.