Lucene search
K

223 matches found

AlmaLinux
AlmaLinux
added 2023/11/22 12:0 a.m.60 views

Moderate: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: smbd allows client access to unix domain sockets ...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2023/11/21 12:13 p.m.28 views

samba: SMB clients can truncate files with read-only permissions

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS6.7AI score0.01174EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/21 11:26 a.m.41 views

Moderate: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

9.8CVSS7AI score0.02409EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.31 views

RHEL 8 : samba (RHSA-2023:7408)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7408 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.36 views

Oracle Linux 9 : samba (ELSA-2023-6744)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6744 advisory. - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files Tenab...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/11/07 10:7 a.m.29 views

samba: SMB clients can truncate files with read-only permissions

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS6.7AI score0.01174EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.37 views

RHEL 9 : samba (RHSA-2023:6744)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6744 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References9
OSV
OSV
added 2023/11/03 8:15 a.m.32 views

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS7AI score0.01174EPSS
Exploits0References13
NVD
NVD
added 2023/11/03 8:15 a.m.22 views

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS7.1AI score0.01174EPSS
Exploits0References13
OSV
OSV
added 2023/11/03 8:15 a.m.3 views

ALPINE-CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS6.8AI score0.01174EPSS
Exploits0References1
Prion
Prion
added 2023/11/03 8:15 a.m.34 views

Design/Logic Flaw

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

4CVSS6.2AI score0.01174EPSS
Exploits0References12Affected Software5
Vulnrichment
Vulnrichment
added 2023/11/03 7:56 a.m.21 views

CVE-2023-4091 Samba: smb clients can truncate files with read-only permissions

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS6.6AI score0.01174EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2023/11/03 7:56 a.m.35 views

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS6.8AI score0.01174EPSS
Exploits0
Amazon
Amazon
added 2023/11/03 12:0 a.m.7 views

Important: samba

Issue Overview: Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the Samba private directory. CVE-2023-3961 SMB client can truncate files to 0 bytes by openin...

9.8CVSS7.4AI score0.02409EPSS
Exploits1
OSV
OSV
added 2023/10/20 11:6 a.m.5 views

OESA-2023-1757 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...

9.8CVSS6.7AI score0.02409EPSS
Exploits1References5
OSV
OSV
added 2023/10/20 11:6 a.m.3 views

OESA-2023-1756 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...

9.8CVSS6.7AI score0.02409EPSS
Exploits1References5
OSV
OSV
added 2023/10/20 11:6 a.m.2 views

OESA-2023-1753 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...

6.5CVSS6.8AI score0.01723EPSS
Exploits0References3
OSV
OSV
added 2023/10/20 11:6 a.m.4 views

OESA-2023-1754 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...

6.5CVSS6.8AI score0.01723EPSS
Exploits0References3
OSV
OSV
added 2023/10/20 11:6 a.m.3 views

OESA-2023-1755 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore syst...

6.5CVSS6.8AI score0.01723EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/12 12:0 a.m.31 views

Fedora 38 : samba (2023-7eb8cbf1a5)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7eb8cbf1a5 advisory. Update to version 4.18.8 - Security fixes for CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670 Tenable has extracted t...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References6
Rows per page
Query Builder