Synology-SA-19:23 Samba AD DC
Publish Time: 2019-05-15 16:06:59 UTC+8
Last Updated: 2019-06-11 16:10:03 UTC+8
- Severity
- Important
- Status
- Resolved
Abstract
CVE-2018-16860 allows man-in-the-middle attackers to bypass security constraints via a susceptible version of Directory Server for Windows Domain.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Directory Server for Windows Domain | Important | Upgrade to 6.2.2-24922-1 or above. |
Mitigation
None
Detail
Reserved
Reference
- Samba Releases Security Updates
- Samba - Security Announcement Archive - CVE-2018-16860
- CVE-2018-16860
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2019-05-15 | Initial public release. |
| 2 | 2019-06-11 | Update for Directory Server for Windows Domain is now available in Affected Products. |