Lucene search
K

116 matches found

OpenVAS
OpenVAS
added 2016/04/13 12:0 a.m.31 views

RedHat Update for samba3x RHSA-2016:0613-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.3693EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.53 views

FreeBSD : samba -- multiple vulnerabilities (a636fc26-00d9-11e6-b704-000c292e4fd8) (Badlock)

Samba team reports : CVE-2015-5370 Errors in Samba DCE-RPC code can lead to denial of service crashes and high cpu consumption and man in the middle attacks. CVE-2016-2110 The feature negotiation of NTLMSSP is not downgrade protected. A man in the middle is able to clear even required flags,...

7.5CVSS6.4AI score0.3693EPSS
Exploits0References17
seebug.org
seebug.org
added 2016/04/13 12:0 a.m.42 views

Samba Badlock 漏洞

概述 Samba 3.6.0-4.4.0版本在MS-SAMR及MS-LSAD协议未正确处理DCERPC连接,可使中间人攻击者修改客户端到服务器的数据流,执行协议降级攻击并冒充用户,对Security Account Manager Database读写操作,获取敏感信息等。 在首次被公开发布时称为"Badlock"。 受影响版本 cpe:/a:samba:samba:4.4.0 cpe:/a:samba:samba:4.4.1 cpe:/a:samba:samba:4.4.0:rc3 cpe:/a:samba:samba:4.4.0:rc2...

7.1AI score
Exploits0
OSV
OSV
added 2016/04/12 11:59 p.m.1 views

DEBIAN-CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data...

7.5CVSS6.5AI score0.3693EPSS
Exploits0References1
OSV
OSV
added 2016/04/12 11:59 p.m.1 views

CVE-2016-0128

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attacker...

6.8CVSS5.8AI score0.3693EPSS
Exploits0References6
Prion
Prion
added 2016/04/12 11:59 p.m.19 views

Design/Logic Flaw

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attacker...

5.8CVSS6.7AI score0.3693EPSS
Exploits0References6Affected Software3
Debian CVE
Debian CVE
added 2016/04/12 11:0 p.m.42 views

CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data...

7.5CVSS6.8AI score0.3693EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2016/04/12 9:38 p.m.57 views

Critical: Red Hat Security Advisory: samba security, bug fix, and enhancement update

An update for samba is now available for Red Hat Gluster Storage 3.1 for RHEL 6 and Red Hat Gluster Storage 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.5CVSS7AI score0.3693EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2016/04/12 9:20 p.m.7 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 9:20 p.m.59 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 4 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/04/12 9:20 p.m.6 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 7:33 p.m.43 views

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, and Red Hat Enterprise Linux 6.6 Extended Update Support. Red Hat Product Security has rated...

7.5CVSS7AI score0.3693EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2016/04/12 7:33 p.m.5 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 7:15 p.m.48 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 5.6 Long Life and Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/04/12 7:15 p.m.6 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 5:37 p.m.58 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/04/12 5:37 p.m.6 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 5:37 p.m.5 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 5:33 p.m.7 views

samba: SAMR and LSA man in the middle attacks

A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a...

7.5CVSS6.7AI score0.3693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/04/12 5:33 p.m.73 views

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7AI score0.3693EPSS
Exploits0References11
Rows per page
Query Builder