March 13, 20188 yr CVE-2018-1057: Unprivileged user can change any user (and admin) password Caveats and further info here https://wiki.samba.org/index.php/CVE-2018-1057
March 13, 20188 yr Do you think there will be security release on the "Stable" branch 6.4.x? Or will only the "really chaos" branch 6.5.x see the fix?
March 13, 20188 yr Note that the issue is when Samba is used as AD domain controller. So most users aren't affected.
March 14, 20188 yr I suspect it affects almost nobody? Even when we hear about unRAID being used in an AD context it is normally about unRAID joining an AD domain (i.e. unRAID is not the AD controller).
March 15, 20188 yr Fixed in 6.5.0 I'm pretty sure. From the release notes: samba: version 4.7.6 (CVE-2018-1050, CVE-2018-1057)
Archived
This topic is now archived and is closed to further replies.