13 matches found
MiracleLinux 8 : openchange-2.3-27.el8, samba-4.13.3-3.el8 (AXSA:2021-2082:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2082:01 advisory. samba: Netlogon elevation of privilege vulnerability Zerologon CVE-2020-1472 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify...
MiracleLinux 4 : samba4-4.2.10-15.0.1.AXS4 (AXSA:2021-1573:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1573:01 advisory. samba: Netlogon elevation of privilege vulnerability Zerologon CVE-2020-1472 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify...
CentOS 8 : samba (CESA-2021:1647)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1647 advisory. - samba: Missing handle permissions check in SMB1/2/3 ChangeNotify CVE-2020-14318 - samba: Unprivileged user can crash winbind CVE-2020-14323 - samba:...
samba security, bug fix, and enhancement update
An update is available for samba, openchange. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block...
USN-4931-1: Samba vulnerabilities
Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1423)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : samba (RHSA-2020:5439)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5439 advisory. - A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file an...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)
This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...
openSUSE Security Update : samba (openSUSE-2020-1811)
This update for samba fixes the following issues : - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Samba vulnerabilities (USN-4611-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4611-1 advisory. Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue...
SUSE-SU-2020:3081-1 Security update for samba
This update for samba fixes the following issues: Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in...
PT-2020-6720 · Samba +9 · Samba +9
Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A flaw was found in the way Samba handled file and directory permissions, allowing an authenticated user to gain access to certain file and directory information that would otherwise be...
Missing handle permissions check in SMB1/2/3
Description The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can request file name notification on a directory handle when a condition such as "new file creation" or "file size change" or "file timestamp update" occurs. A missing permissions check on a directory handle...