7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.027 Low
EPSS
Percentile
90.4%
Out-of-bounds read due to insufficient length checks in winbindd_pam_auth_crap.c (CVE-2022-2127) Improper SMB2 packet signing mechanism leading to man in the middle risk (CVE-2023-3347) Infinite loop vulnerability was found in Samba’s mdssvc RPC service for Spotlight (CVE-2023-34966) Type Confusion vulnerability was found in Samba’s mdssvc RPC service for Spotlight (CVE-2023-34967) Path disclosure vulnerability in the Spotlight protocol (CVE-2023-34968)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | samba | < 4.16.11-1 | samba-4.16.11-1.mga8 |
bugs.mageia.org/show_bug.cgi?id=32152
www.samba.org/samba/history/samba-4.16.11.html
www.samba.org/samba/history/samba-4.17.10.html
www.samba.org/samba/security/CVE-2022-2127.html
www.samba.org/samba/security/CVE-2023-3347.html
www.samba.org/samba/security/CVE-2023-34966.html
www.samba.org/samba/security/CVE-2023-34967.html
www.samba.org/samba/security/CVE-2023-34968.html
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.027 Low
EPSS
Percentile
90.4%