BadLock vulnerability of technology to track and risk protection-vulnerability warning-the black bar safety net

Nsfocus continued focus on domestic security trends, as early as 3 months when first released BadLock threat warning notices. 4 on 1 on 2, Microsoft patch day schedule. At this time Microsoft released the patch, contains a BadLock vulnerability that can be on a windows System and the Samba servic...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1024-1) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

Samba Information Disclosure Vulnerability (CNVD-2016-02264)

Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. A security vulnerability exists in Samba when the program is configured as a Domain Controller. This vulnerability can be...

Debian DSA-3548-1 : samba - security update (Badlock)

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-5370 Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to...

CentOS Update for ipa-admintools CESA-2016:0612 centos7

Check the version of ipa-admintools SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882461";...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

samba: Spoofing vulnerability when domain controller is configured

It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...

samba: Samba based active directory domain controller does not enforce smb signing

It was discovered that Samba did not enforce Server Message Block SMB signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server...

samba: Spoofing vulnerability when domain controller is configured

It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...

samba: Samba based active directory domain controller does not enforce smb signing

It was discovered that Samba did not enforce Server Message Block SMB signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server...

libsmbclient, samba security update

CentOS Errata and Security Advisory CESA-2016:0621 An update for samba is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Debian Security Advisory DSA 3548-1 (samba - security update)

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-5370 Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to deni...

FreeBSD : samba -- multiple vulnerabilities (a636fc26-00d9-11e6-b704-000c292e4fd8) (Badlock)

Samba team reports : CVE-2015-5370 Errors in Samba DCE-RPC code can lead to denial of service crashes and high cpu consumption and man in the middle attacks. CVE-2016-2110 The feature negotiation of NTLMSSP is not downgrade protected. A man in the middle is able to clear even required flags,...

RedHat Update for samba RHSA-2016:0621-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-3548-1 samba - security update

Bulletin has no description...

samba: Spoofing vulnerability when domain controller is configured

It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...

samba: Samba based active directory domain controller does not enforce smb signing

It was discovered that Samba did not enforce Server Message Block SMB signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

samba: Spoofing vulnerability when domain controller is configured

It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...