1207 matches found

RedHat Linux
added 2021/10/26 7:48 a.m. | 40 views

Moderate: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...

6.8 CVSS | 6.7 AI score | 0.01616 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2021/09/24 12:0 a.m. | 15 views

Samba 3.4.0 <= 3.6.4 Elevate Privileges Vulnerability (CVE-2012-2111)

Samba 3.4.x to 3.6.4 are affected by a vulnerability that allows arbitrary users to modify privileges on a file server. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...

6.5 CVSS | 6.3 AI score | 0.04803 EPSS
Exploits: 0 | References: 1

CNVD
added 2021/09/02 12:0 a.m. | 15 views

SolarWinds Serv-U File Server has an unspecified vulnerability

SolarWinds Serv-U File Server is a file transfer server from SolarWinds, Inc. A security vulnerability exists in SolarWinds Serv-U File Server, which can be exploited by attackers to remotely execute code...

8.8 CVSS | 5.2 AI score | 0.02734 EPSS
Exploits: 0 | References: 1

OSV
added 2021/08/31 4:15 p.m. | 2 views

CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

8.8 CVSS | 7.5 AI score | 0.02734 EPSS
Exploits: 0 | References: 3

NVD
added 2021/08/31 4:15 p.m. | 10 views

CVE-2021-35223

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

8.8 CVSS | 0.02734 EPSS
Exploits: 0 | References: 3

Prion
added 2021/08/31 4:15 p.m. | 16 views

Remote code execution

The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...

6.5 CVSS | 9 AI score | 0.02734 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2021/08/31 4:0 p.m. | 62 views

CVE-2021-35223

The CVE-2021-35223 vulnerability affects SolarWinds Serv-U File Server, specifically the Execute Command function that allows examining events (e.g., login failures) and passing parameters as user string variables, enabling remote code execution. The issue is tied to a remote, network-exposed vec...

8.8 CVSS | 9.1 AI score | 0.02734 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2021/08/31 12:0 a.m. | 4 views

SolarWinds Serv-U File Server Security Vulnerability

SolarWinds Serv-U File Server is a file transfer server from SolarWinds, Inc. A security vulnerability exists in SolarWinds Serv-U File Server, which can be exploited by attackers to remotely execute code...

8.8 CVSS | 5.7 AI score | 0.02734 EPSS
Exploits: 0 | References: 3

BDU FSTEC
added 2021/08/10 12:0 a.m. | 4 views

The vulnerability of the SSH protocol implementation in the SolarWinds Serv-U File Server file server for Windows operating systems allows a perpetrator to execute arbitrary code or escalate their privileges.

The vulnerability of the SSH protocol implementation in the SolarWinds Serv-U File Server file server for Windows operating systems is related to the disclosure of information in the error data field. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or increase the...

10 CVSS | 8.5 AI score | 0.9116 EPSS
Exploits: 2 | References: 6

Tenable Nessus
added 2021/06/10 12:0 a.m. | 19 views

Scientific Linux Security Update : samba on SL7.x i686/x86_64 (2021:2313)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:2313-1 advisory. - samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254). Note that Nessus has not...

6.8 CVSS | 6.8 AI score | 0.01616 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2021/06/09 12:0 a.m. | 42 views

RHEL 7 : samba (RHSA-2021:2313)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2313 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allo...

6.8 CVSS | 7 AI score | 0.01616 EPSS
Exploits: 0 | References: 7

Tenable Nessus
added 2021/06/01 12:0 a.m. | 44 views

Debian DLA-2668-1 : samba security update

Several vulnerabilities were discovered in Samba, SMB/CIFS file, print, and login server for Unix. CVE-2019-10218: A flaw was found in the samba client, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of t...

6.8 CVSS | 6.3 AI score | 0.03515 EPSS
Exploits: 1 | References: 11

CNVD
added 2021/05/14 12:0 a.m. | 3 views

UFIDA Network Technology Co. File Server Configuration Management Logic Flaw Vulnerability

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A logic flaw vulnerability exists in the file server configuration management of UFIDA Network Technology Corporation, which can be exploited by...

6.8 AI score
Exploits: 0

CNVD
added 2021/05/14 12:0 a.m. | 1 views

SQL Injection Vulnerability in the File Server Configuration Management System of UFIDA Network Technology Corporation (CNVD-2021-37324)

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A SQL injection vulnerability exists in the File Server Configuration Management System of UFIDA Network Technology Co., Ltd. that can be exploited by...

7.5 AI score
Exploits: 0

IBM Security Bulletins
added 2021/05/13 2:26 p.m. | 44 views

Security Bulletin: Samba for IBM i is affected by CVE-2021-20254

Summary: Samba is supported on IBM i. IBM i has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2021-20254. DESCRIPTION: Samba could allow a remote authenticated attacker to bypass security restrictions, caused by a coding error when converting SIDs to gids. By sending a...

6.8 CVSS | 1.3 AI score | 0.01616 EPSS
Exploits: 0 | Affected Software: 1

CNVD
added 2021/05/09 12:0 a.m. | 2 views

Unauthorized Access Vulnerability in File Server Management Console

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. An unauthorized access vulnerability exists in the file server management console, which can be exploited by attackers to obtain sensitive information...

6.8 AI score
Exploits: 0

Prion
added 2021/05/05 2:15 p.m. | 26 views

Design/Logic Flaw

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

4.9 CVSS | 6.5 AI score | 0.01616 EPSS
Exploits: 0 | References: 7 | Affected Software: 4

Debian CVE
added 2021/05/05 1:36 p.m. | 35 views

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

6.8 CVSS | 6.5 AI score | 0.01616 EPSS
Exploits: 0

CVE
added 2021/05/05 1:36 p.m. | 859 views

CVE-2021-20254

Samba CVE-2021-20254 concerns the SMB/CIFS file server’s SID-to-GID mapping in the idmap cache. A flaw allows reading past the end of the array when a negative cache entry exists, potentially leaking group membership data into the process token and impacting data confidentiality and integrity. Af...

6.8 CVSS | 6.8 AI score | 0.01616 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

AlpineLinux
added 2021/05/05 1:36 p.m. | 33 views

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

6.8 CVSS | 7 AI score | 0.01616 EPSS
Exploits: 0