Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201206-22
HistoryJun 24, 2012 - 12:00 a.m.

Samba: Multiple vulnerabilities

2012-06-2400:00:00
Gentoo Foundation
security.gentoo.org
41

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON

Background

Samba is a suite of SMB and CIFS client/server programs.

Description

Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code with root privileges, cause a Denial of Service condition, take ownership of shared files, or bypass file permissions. Furthermore, a local attacker may be able to cause a Denial of Service condition or obtain sensitive information in a Samba credentials file.

Workaround

There is no known workaround at this time.

Resolution

All Samba users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-fs/samba-3.5.15"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-fs/samba< 3.5.15UNKNOWN

Related

openvas 83
nessus 49
securityvulns 6
suse 4
ubuntu 4
fedora 7
osv 2
slackware 2
debian 2
altlinux 4
oraclelinux 5
centos 4
redhat 4
veracode 2
cve 3
debiancve 3
seebug 2
f5 2
prion 5
packetstorm 1
ubuntucve 3
vmware 1
checkpoint_advisories 1
openvas
openvas
Gentoo Security Advisory GLSA 201206-22 (Samba)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-22 (Samba)
2012-08-10 00:00:00
Mandriva Update for samba MDVSA-2010:141 (samba)
2010-07-30 00:00:00
nessus
nessus
GLSA-201206-22 : Samba: Multiple vulnerabilities
2012-06-25 00:00:00
Mandriva Linux Security Advisory : samba (MDVSA-2010:141)
2010-07-30 00:00:00
Samba < 3.4.8 / 3.5.2 Session Setup AndX DoS
2010-05-17 00:00:00
securityvulns
securityvulns
Samba buffer overflow
2010-06-20 00:00:00
[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities
2009-10-14 00:00:00
Samba multiple security vulnerabilities
2009-10-14 00:00:00
suse
suse
Security update for Samba (critical)
2012-03-09 17:08:16
update for samba (critical)
2012-04-16 15:08:16
Security update for Samba (critical)
2012-04-14 13:08:16
ubuntu
ubuntu
cifs-utils vulnerabilities
2011-10-04 00:00:00
Samba vulnerabilities
2011-10-04 00:00:00
Samba vulnerability
2010-06-16 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: samba-3.5.8-74.fc13
2011-03-19 10:27:41
[SECURITY] Fedora 11 Update: samba-3.4.7-0.50.fc11
2010-03-10 06:46:46
[SECURITY] Fedora 12 Update: samba-3.4.9-60.fc12
2010-09-15 05:39:47
osv
osv
samba - several vulnerabilities
2009-10-14 00:00:00
samba - arbitrary code execution
2010-06-16 00:00:00
slackware
slackware
samba
2009-10-04 00:01:26
[slackware-security] samba
2010-06-18 21:10:09
debian
debian
[SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities
2009-10-14 02:05:13
[SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution
2010-06-16 20:40:50
altlinux
altlinux
Security fix for the ALT Linux 6 package samba version 3.0.37-alt1
2009-10-01 00:00:00
Security fix for the ALT Linux 5 package samba version 3.0.37-alt1
2009-10-01 00:00:00
Security fix for the ALT Linux 5 package samba version 3.0.37-alt2.M50P.1
2010-06-16 00:00:00
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2012-03-01 00:00:00
samba security update
2009-10-27 00:00:00
samba3x security update
2011-08-29 00:00:00
centos
centos
samba security update
2009-10-27 19:23:21
libsmbclient, libtalloc, libtdb, samba, samba3x, tdb security update
2010-06-19 11:45:05
samba3x security update
2011-04-14 23:48:26
redhat
redhat
(RHSA-2009:1529) Moderate: samba security update
2009-10-27 00:00:00
(RHSA-2009:1585) Moderate: samba3x security and bug fix update
2009-11-16 00:00:00
(RHSA-2010:0488) Critical: samba and samba3x security update
2010-06-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:16
Denial Of Service (DoS)
2020-04-10 00:39:57
cve
cve
CVE-2010-1642
2010-06-17 16:30:00
CVE-2010-2063
2010-06-17 16:30:00
CVE-2011-0719
2011-03-01 23:00:00
debiancve
debiancve
CVE-2010-2063
2010-06-17 16:30:00
CVE-2010-1642
2010-06-17 16:30:00
CVE-2009-2906
2009-10-07 18:30:00
seebug
seebug
Samba SMB1报文链接远程内存破坏漏洞
2010-06-18 00:00:00
Samba setuid mount.cifs信息泄露漏洞
2009-10-12 00:00:00
f5
f5
K11720 : Samba server vulnerability CVE-2010-2063
2013-07-05 00:00:00
SOL11720 - Samba server vulnerability CVE-2010-2063
2010-06-21 00:00:00
prion
prion
Buffer overflow
2010-06-17 16:30:00
Out-of-bounds
2010-06-17 16:30:00
Path traversal
2009-10-07 18:30:00
packetstorm
packetstorm
Samba chain_reply Memory Corruption (Linux x86)
2010-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2010-1635
2010-06-17 00:00:00
CVE-2010-1642
2010-06-17 00:00:00
CVE-2009-2948
2009-10-07 00:00:00
vmware
vmware
ESX Service Console updates for samba and acpid
2010-04-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against SAMBA SMBI Packets Chaining Memory Corruption
2010-08-06 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.972 High

EPSS

Percentile

99.8%

JSON
Related for GLSA-201206-22
openvas83nessus49securityvulns6suse4ubuntu4fedora7osv2slackware2debian2altlinux4oraclelinux5centos4redhat4veracode2cve3debiancve3seebug2f52prion5packetstorm1ubuntucve3vmware1checkpoint_advisories1