CLSA-2026-1777945598 Fix CVE(s): CVE-2020-25717, CVE-2020-25719, CVE-2020-25722

SECURITY UPDATE: domain user can become root on a domain member by renaming a machine account - debian/patches/CVE-2020-25717.patch: backport the el6/ol6 8-commit subset samba 3.6.23 precedent; introduce the new "min domain uid" smb.conf parameter default 1000 and enforce it in checkaccount so a...

Azure Linux 3.0 Security Update: samba (CVE-2020-25722)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25722 advisory. - Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. ...

CVE-2020-25722 affecting package samba 4.12.5-7

CVE-2020-25722 affecting package samba 4.12.5-7. No patch is available currently...

CVE-2020-25722 affecting package samba for versions less than 4.18.3-1

CVE-2020-25722 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1387)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1246)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise...

CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise...

CVE-2020-25722

CVE-2020-25722 affects Samba AD DC and concerns inadequate access and conformance checking of stored data, potentially enabling total domain compromise. Public references in multiple feeds confirm the impact on Samba AD DC and that affected packages (e.g., Samba) require upgrading. Debian advisor...

QNAP QTS 5.x < 5.0.0.1891 build 20211221 Multiple Vulnerabilities

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

Mageia: Security Advisory (MGASA-2021-0585)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5174-2: Samba regression | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information:...

Ubuntu: Security Advisory (USN-5142-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5142-2 samba regressions

USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups. Please see the following upstream bugs for more information: https://bugzilla.samba.org/showbug.cgi?id=14901 https://bugzilla.samba.org/showbug.cgi?id=14918 This update fixe...

USN-5174-1 samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. CVE-2016-2124 Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An...

USN-5174-1: Samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. CVE-2016-2124 Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An...

Fedora: Security Advisory for samba (FEDORA-2021-1d77047c61)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Samba 4.13.x < 4.13.14 / 4.14.x < 4.14.10 / 4.15.x < 4.15.2 Multiple Vulnerabilities

The version of Samba running on the remote host is 4.13.x prior to 4.13.14, 4.14.x prior to 4.14.10, or 4.15.x prior to 4.15.2. It is, therefore, potentially affected by multiple vulnerabilities as referenced in the vendor advisory. Note that Nessus has not tested for these issues but has instead...

Debian: Security Advisory (DSA-5003-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...