29 matches found
SUSE CVE-2018-1139
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client...
SUSE: Security Advisory (SUSE-SU-2018:2318-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1618)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i
Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-10918 DESCRIPTION: Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an...
EulerOS Virtualization for ARM 64 3.0.2.0 : samba (EulerOS-SA-2019-1618)
According to the version of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. ...
Security Bulletin: IBM QRadar SIEM is vulnerable to Publicly disclosed Samba vulnerabilities (CVE-2018-10858, CVE-2018-1139)
Summary Publicly disclosed Samba vulnerabilities Vulnerability Details CVEID: CVE-2018-10858 Description: Samba is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libsmbclient. By sending an overly long filename, a remote attacker could overflow a buffer and...
Security Bulletin: Multiple Samba vulnerabilities affect IBM Spectrum Protect Plus (CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919)
Summary There are multiple security vulnerabilities in Samba that affect IBM Spectrum Protect Plus. These vulnerabilities may result in potential information disclosure, denial of service, or execution of arbitrary code on the system. Vulnerability Details CVEID: CVE-2018-1139 DESCRIPTION: Samba...
Amazon Linux AMI : samba (ALAS-2018-1126)
A NULL pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. CVE-2018-1050 A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious...
Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)
Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)
This update for samba fixes the following issues: The following security vulnerabilities were fixed : - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; bsc1095048 - CVE-2018-1140: ldbsearch 'distinguishedName=abc' and DNS query with escapes crashes; bsc1095056 - CVE-2018-10919:...
CentOS 7 : samba (CESA-2018:3056)
An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ctdb, libsmbclient, libwbclient, samba security update
CentOS Errata and Security Advisory CESA-2018:3056 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Oracle Linux 7 : samba (ELSA-2018-3056)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3056 advisory. - resolves: 1614265 - Fix CVE-2018-1139 - resolves: 1614269 - Fix CVE-2018-10858 Tenable has extracted the preceding description block directly from th...
samba security, bug fix, and enhancement update
4.8.3-4 - resolves: 1614132 - Fix delete-on-close after smb2find - resolves: 1614265 - Fix CVE-2018-1139 - resolves: 1614269 - Fix CVE-2018-10858 4.8.3-3 - resolves: 1581016 - Add smbclient quiet argument 4.8.3-2 - related: 1538743 - Fix local user account lookup with winbind 4.8.3-1 - related:...
Moderate: Red Hat Security Advisory: samba security, bug fix, and enhancement update
An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
openSUSE: Security Advisory for samba (openSUSE-SU-2018:2400-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-1139
CVE-2018-1139 affects Samba prior to 4.7.9 and 4.8.4, allowing weak NTLMv1 authentication to be used even when NTLMv1 is disabled. This enables a man-in-the-middle to read credentials and related data between Samba servers and clients. Multiple connected advisories confirm the root cause as weak ...
Fedora 27 : 2:samba (2018-8e4d871867)
Update to Samba 4.7.9, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora Update for samba FEDORA-2018-8e4d871867
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : samba (openSUSE-2018-891)
This update for samba fixes the following issues : The following security vulnerabilities were fixed : - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; bsc1095048 - CVE-2018-1140: ldbsearch 'distinguishedName=abc' and DNS query with escapes crashes; bsc1095056 - CVE-2018-10919:...