samba releases security updates – Oct 2019

Samba releases security updates – Oct 2019

Preface: Samba like a middle man bridging all the races in cyber world.

Background: Samba is a free software for connecting the UNIX operating system to the SMB/CIFS network protocol of the Microsoft Windows operating system. The third edition not only accesses and shares SMB folders and printers, but also integrates into the Windows Server domain, acting as a domain control station and joining Active Directory members.

Vulnerability details:
1) Path traversal (Severity – medium) – CVE-2019-10218

2)Use of Obsolete Function (Severity-low) – CVE-2018-18433

3)NULL pointer dereference (Severity-medium) – CVE-2019-14847

For the details of design weakness, please refer to attached diagram.