SolarWinds Serv-U File Server has an unspecified vulnerability

Solarwinds SolarWinds Serv-U File Server is a file transfer server from SolarWinds Solarwinds, Inc. A security vulnerability exists in SolarWinds Serv-U File Server, which can be exploited by attackers to remotely execute code...

CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

Remote code execution

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

CVE-2021-35223

The CVE-2021-35223 vulnerability affects SolarWinds Serv-U File Server, specifically the Execute Command function that allows examining events (e.g., login failures) and passing parameters as user string variables, enabling remote code execution. The issue is tied to a remote, network-exposed vec...

SolarWinds Serv-U File Server 安全漏洞

Solarwinds SolarWinds Serv-U File Server is a file transfer server from SolarWinds Solarwinds, Inc. A security vulnerability exists in SolarWinds Serv-U File Server, which can be exploited by attackers to remotely execute code...

Scientific Linux Security Update : samba on SL7.x i686/x86_64 (2021:2313)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:2313-1 advisory. - samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token CVE-2021-20254 Note that Nessus has not...

RHEL 7 : samba (RHSA-2021:2313)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2313 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

Debian DLA-2668-1 : samba security update

Several vulnerabilities were discovered in Samba, SMB/CIFS file, print, and login server for Unix CVE-2019-10218 A flaw was found in the samba client, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of t...

SQL Injection Vulnerability in the File Server Configuration Management System of UFIDA Network Technology Corporation (CNVD-2021-37324)

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A SQL injection vulnerability exists in the File Server Configuration Management System of UFIDA Network Technology Co., Ltd. that can be exploited by...

UFIDA Network Technology Co. File Server Configuration Management Logic Flaw Vulnerability

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A logic flaw vulnerability exists in the file server configuration management of UFIDA Network Technology Corporation, which can be exploited by...

Security Bulletin: Samba for IBM i is affected by CVE-2021-20254

Summary Samba is supported on IBM i. IBM i has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-20254 DESCRIPTION: Samba could allow a remote authenticated attacker to bypass security restrictions, caused by a coding error when converting SIDs to gids. By sending a...

Unauthorized Access Vulnerability in File Server Management Console

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. An unauthorized access vulnerability exists in the file server management console, which can be exploited by attackers to obtain sensitive information...

Design/Logic Flaw

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

CVE-2021-20254

Samba CVE-2021-20254 concerns the SMB/CIFS file server’s SID-to-GID mapping in the idmap cache. A flaw allows reading past the end of the array when a negative cache entry exists, potentially leaking group membership data into the process token and impacting data confidentiality and integrity. Af...

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

SolarWinds Serv-U File Server 跨站脚本漏洞

Solarwinds SolarWinds Serv-U File Server is a file transfer server from SolarWinds USA. A cross-site scripting vulnerability exists in SolarWinds Serv-U File Server versions prior to 15.2, which originates from exposure to cross-site scripting XSS via the HTTP host header...

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

samba -- negative idmap cache entries vulnerability

The Samba Team reports: CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token...