11 matches found
Astra Linux – Vulnerability in Samba
The fixes in 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for CVE-2018-10919, which address the issue of confidential attributes being disclosed via LDAP filters, were insufficient. An attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
EUVD-2023-12649
Malicious code in bioql PyPI...
EulerOS Virtualization 2.11.0 : libldb (EulerOS-SA-2023-2758)
According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient an...
EulerOS Virtualization 2.11.1 : libldb (EulerOS-SA-2023-2727)
According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient an...
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2023-2650)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : libldb / samba (2023-1c172e3264)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-1c172e3264 advisory. Update to ldb 2.5.3 and samba 4.16.10 Security fixes for CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description block directly...
Design/Logic Flaw
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
Vulnerabilities fixed in Samba
Samba developers have fixed vulnerabilities in Samba. A malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or to manipulate data in the underlying Active Directory without being authorized to do so. The vulnerability with attribute CVE-2023-0614 is a f...
samba -- multiple vulnerabilities
The Samba Team reports: An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset...
UBUNTU-CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...