Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2020:0943
HistoryMar 23, 2020 - 1:41 p.m.

(RHSA-2020:0943) Moderate: samba security and bug fix update

2020-03-2313:41:48
access.redhat.com
111

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and various information.

The Samba packages have been upgraded to upstream version 4.10.4, which provides a number of bug fixes and enhancements over the previous version. (BZ#1776952)

Security Fix(es):

  • samba: smb client vulnerable to filenames containing path separators (CVE-2019-10218)

  • samba: Crash after failed character conversion at log level 3 or above (CVE-2019-14907)

Bug Fix(es):

  • Earlier, the directory entries did not initialize completely and hence Samba did not check correctly for DFS redirects. The Windows Explorer did not display the DFS redirects properly and instead of showing the redirects as directories, Samba displayed the redirects as files. With this fix, the Samba’s vfs_glusterfs module has been fixed so that DFS redirects now work as expected. (BZ#1784827)

Users of Samba with Red Hat Gluster Storage are advised to upgrade to these updated packages

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64libtalloc< 2.2.0-9.el7rhgslibtalloc-2.2.0-9.el7rhgs.x86_64.rpm
RedHat7x86_64samba-client-libs< 4.11.6-104.el7rhgssamba-client-libs-4.11.6-104.el7rhgs.x86_64.rpm
RedHat7x86_64python3-samba< 4.11.6-104.el7rhgspython3-samba-4.11.6-104.el7rhgs.x86_64.rpm
RedHat7x86_64libtalloc-devel< 2.2.0-9.el7rhgslibtalloc-devel-2.2.0-9.el7rhgs.x86_64.rpm
RedHat7x86_64libtevent< 0.10.0-4.el7rhgslibtevent-0.10.0-4.el7rhgs.x86_64.rpm
RedHat7x86_64samba< 4.11.6-104.el7rhgssamba-4.11.6-104.el7rhgs.x86_64.rpm
RedHat7x86_64libtdb< 1.4.2-4.el7rhgslibtdb-1.4.2-4.el7rhgs.x86_64.rpm
RedHat7x86_64samba-krb5-printing< 4.11.6-104.el7rhgssamba-krb5-printing-4.11.6-104.el7rhgs.x86_64.rpm
RedHat7x86_64samba-winbind-clients< 4.11.6-104.el7rhgssamba-winbind-clients-4.11.6-104.el7rhgs.x86_64.rpm
RedHat7x86_64libtevent-devel< 0.10.0-4.el7rhgslibtevent-devel-0.10.0-4.el7rhgs.x86_64.rpm
Rows per page:
1-10 of 361

Related

nessus 58
oraclelinux 3
redhat 3
redhatcve 2
amazon 4
osv 4
f5 1
ibm 8
ubuntucve 2
prion 2
veracode 2
openvas 43
centos 2
alpinelinux 2
debiancve 2
samba 2
cve 2
symantec 1
fedora 7
debian 2
ubuntu 3
altlinux 6
freebsd 2
cisa 2
suse 3
mageia 2
archlinux 1
gentoo 1
nessus
nessus
RHEL 7 : samba (RHSA-2020:0943)
2020-03-24 00:00:00
RHEL 8 : samba (RHSA-2020:1878)
2020-11-18 00:00:00
Oracle Linux 8 : samba (ELSA-2020-1878)
2023-09-07 00:00:00
oraclelinux
oraclelinux
samba security, bug fix, and enhancement update
2020-05-05 00:00:00
samba security, bug fix, and enhancement update
2020-10-06 00:00:00
samba security, bug fix, and enhancement update
2020-04-06 00:00:00
redhat
redhat
(RHSA-2020:1878) Moderate: samba security, bug fix, and enhancement update
2020-04-28 09:26:30
(RHSA-2020:3981) Moderate: samba security, bug fix, and enhancement update
2020-09-29 07:48:33
(RHSA-2020:1084) Moderate: samba security, bug fix, and enhancement update
2020-03-31 09:16:36
redhatcve
redhatcve
CVE-2019-14907
2020-01-21 10:09:13
CVE-2019-10218
2020-04-03 14:01:57
amazon
amazon
Medium: samba
2020-10-22 18:38:00
Medium: samba
2020-11-14 01:23:00
Medium: samba
2020-07-14 02:45:00
osv
osv
CVE-2019-14907
2020-01-21 18:15:12
CVE-2019-10218
2019-11-06 10:15:10
samba - security update
2023-09-12 00:00:00
f5
f5
K95010211 : Samba vulnerability CVE-2019-14907
2020-03-30 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method ( CVE-2019-14907)
2020-03-06 16:46:49
Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2019-14907)
2020-05-20 13:02:33
Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2019-10218)
2020-05-20 12:58:04
ubuntucve
ubuntucve
CVE-2019-14907
2020-01-21 00:00:00
CVE-2019-10218
2019-10-29 00:00:00
prion
prion
Design/Logic Flaw
2020-01-21 18:15:00
Design/Logic Flaw
2019-11-06 10:15:00
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:39:04
Privilege Escalation
2020-08-06 21:28:32
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0152-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0233-1)
2021-04-19 00:00:00
Samba Security Vulnerability (CVE-2019-10218)
2021-11-11 00:00:00
centos
centos
ctdb, libsmbclient, libwbclient, samba security update
2020-10-20 18:56:03
ctdb, libsmbclient, libwbclient, samba security update
2020-04-08 19:18:01
alpinelinux
alpinelinux
CVE-2019-14907
2020-01-21 18:15:00
CVE-2019-10218
2019-11-06 10:15:00
debiancve
debiancve
CVE-2019-14907
2020-01-21 18:15:00
CVE-2019-10218
2019-11-06 10:15:00
samba
samba
Crash after failed character conversion at
2020-01-21 00:00:00
Client code can return filenames containing
2019-10-29 00:00:00
cve
cve
CVE-2019-10218
2019-11-06 10:15:00
CVE-2019-14907
2020-01-21 18:15:00
symantec
symantec
Samba CVE-2019-10218 Path Traversal Arbitrary File Write Vulnerability
2019-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: samba-4.11.6-0.fc31
2020-02-02 01:37:17
[SECURITY] Fedora 31 Update: samba-4.11.2-1.fc31
2019-11-14 01:13:15
[SECURITY] Fedora 31 Update: samba-4.11.3-0.fc31
2019-12-12 01:55:33
debian
debian
[SECURITY] [DLA 3563-1] samba security update
2023-09-14 14:43:24
[SECURITY] [DLA 2668-1] samba security update
2021-05-29 11:11:27
ubuntu
ubuntu
Samba vulnerabilities
2019-10-29 00:00:00
Samba vulnerabilities
2020-01-21 00:00:00
Samba vulnerabilities
2019-10-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.10.13-alt1
2020-01-24 00:00:00
Security fix for the ALT Linux 8 package samba-DC version 4.9.18-alt1
2020-02-12 00:00:00
Security fix for the ALT Linux 10 package samba version 4.10.10-alt1
2019-10-29 00:00:00
freebsd
freebsd
samba -- multiple vulnerabilities
2020-01-14 00:00:00
samba -- multiple vulnerabilities
2019-09-29 00:00:00
cisa
cisa
Samba Releases Security Updates
2020-01-21 00:00:00
Samba Releases Security Updates
2019-10-29 00:00:00
suse
suse
Security update for samba (moderate)
2020-01-29 00:00:00
Security update for samba (important)
2019-11-09 00:00:00
Security update for samba (important)
2019-11-05 00:00:00
mageia
mageia
Updated samba packages fix security vulnerabilities
2020-01-28 10:52:40
Updated samba packages fix security vulnerabilities
2019-12-19 16:44:26
archlinux
archlinux
[ASA-201911-6] samba: multiple issues
2019-11-03 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2020-03-25 00:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON
Related for RHSA-2020:0943
nessus58oraclelinux3redhat3redhatcve2amazon4osv4f51ibm8ubuntucve2prion2veracode2openvas43centos2alpinelinux2debiancve2samba2cve2symantec1fedora7debian2ubuntu3altlinux6freebsd2cisa2suse3mageia2archlinux1gentoo1