The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw caused by missing access control checks. An authenticated attacker could use this flaw to extract the values of confidential attributes using LDAP search expressions.
For custom LDAP attributes, Samba honours the confidential flag in searchFlags and hides such attributes from all non-admin users. However, the attribute values can still be guessed efficiently: because wildcard search filters are matched against the hidden values, an attacker can brute-force a value one character at a time by observing which filters return results.
Created Samba tracking bugs for this issue:
Affects: fedora-all [bug 1617911]
Name: Phillip Kuhrt (the Samba project)
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):