Synology DiskStation Manager (DSM) 6.2.x < 6.2.4-25556-4 Samba Vulnerability (Synology-SA-22:02) - Remote Known Vulnerable Versions Check
Synology DiskStation Manager (DSM) is prone to an arbitrary code execution vulnerability in Samba. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-onl...
NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2022-0081)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the...
kernel: NFSv4: Fix free of uninitialized nfs4_label on referral lookup.
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4_label on referral lookup. Send along the already-allocated fattr along with nfs4_fs_locations, and drop the memcpy of fattr. We end up growing two more allocations, but this fixes up a crash as:...
ASUS Armoury Crate Service Symbolic Link Replacement Vulnerability
ASUS Armoury Crate Service is a software utility from ASUS China designed to provide centralized control of supported ROG gaming products. An attacker could use the vulnerability to modify the log file attributes to symbolic links to arbitrary system files, causing the logging function to overwri...
CVE-2021-31566
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...
ALPINE-CVE-2021-31566
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. ...
Important: aide
Issue Overview: A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL. CVE-2021-45417 Affected Packages: aide Iss...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)
The remote host is missing an update for the Huawei EulerOS
CVE-2021-45417
A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL...
EulerOS 2.0 SP5 : samba (EulerOS-SA-2022-1551)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide '...enhanced compatibility with Apple SMB clients and interoperabili...
End of support for Office 2013
Support for Office 2013 ended on April 11, 2023 and there will be no extension and no extended security updates. All of your Office 2013 apps will continue to function. However, you could expose yourself to serious and potentially harmful security risks.
AlmaLinux 8 : samba (ALSA-2022:0332)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0332 advisory. - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatal...
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and wri...
Heap overflow
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and wri...
aide: heap-based buffer overflow on outputs larger than B64_BUF
A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL...
SUSE SLES12 Security Update : samba (SUSE-SU-2022:0323-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0323-1 advisory. - Kerberos acceptors need easy access to stable AD identifiers eg objectSid. Samba as an AD DC now provides a way for Linux...