Lucene search

K
redosRedosROS-20220208-01
HistoryFeb 08, 2022 - 12:00 a.m.

ROS-20220208-01

2022-02-0800:00:00
redos.red-soft.ru
35

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

Samba network file system vulnerability, related to insecure link clicks. Exploitation
vulnerability could allow an attacker acting remotely to create a symbolic link to
determine whether a file or directory exists in the file system area of the server

Samba network file system vulnerability, related to the fact that the Samba AD DC relies only on the name of the
service member name (SPN) to identify services on the network. Exploitation of the vulnerability could allow an
an attacker to bypass the implemented protections and cause a denial of service condition by adding an
service member name that corresponds to an existing service

A vulnerability in the Samba network file system, related to a boundary error in metadata handling when
opening files in smbd in Samba’s VFS module (vfs_fruit). Exploitation of the vulnerability could allow
an attacker acting remotely to initiate an unrestricted write and execute arbitrary code with the
root privileges

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64samba<= 4.15.5-1UNKNOWN

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C