223 matches found
Moderate: samba security update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: smbd allows client access to unix domain sockets ...
samba: SMB clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
Moderate: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 8 : samba (RHSA-2023:7408)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7408 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
Oracle Linux 9 : samba (ELSA-2023-6744)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6744 advisory. - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files Tenab...
samba: SMB clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
RHEL 9 : samba (RHSA-2023:6744)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6744 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
ALPINE-CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
Design/Logic Flaw
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091 Samba: smb clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
Important: samba
Issue Overview: Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the Samba private directory. CVE-2023-3961 SMB client can truncate files to 0 bytes by openin...
OESA-2023-1757 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...
OESA-2023-1756 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...
OESA-2023-1753 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...
OESA-2023-1754 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...
OESA-2023-1755 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...
Fedora 38 : samba (2023-7eb8cbf1a5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7eb8cbf1a5 advisory. Update to version 4.18.8 - Security fixes for CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670 Tenable has extracted t...