708 matches found
Buffer Overflow
samba is vulnerable to buffer overflow. The vulnerability exists within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal because GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet causing an application cras...
Security fix for the ALT Linux 10 package samba version 4.16.6-alt1
Oct. 27, 2022 Evgeny Sinelnikov 4.16.6-alt1 - Update to maintenance release of Samba 4.16 Samba15134 - Security fixes: + CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal included in Samba...
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
Fedora 36 : samba (2022-3dcb5a3785)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-3dcb5a3785 advisory. Update to version 4.16.6 - Security fixes for CVE-2022-3592 and CVE-2022-3437 Tenable has extracted the preceding description block directly from th...
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
[slackware-security] samba
New samba packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.15.11-i586-1slack15.0.txz: Upgraded. This update fixes the following security issue: There is a limited write heap buffer...
Buffer overflow in Heimdal unwrap_des3()
Description The DES for Samba 4.11 and earlier and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet. Examples of where Samba can use GSSAPI include the client and...
Slackware Linux 15.0 / current samba Vulnerability (SSA:2022-298-02)
The version of samba installed on the remote host is prior to 4.15.11 / 4.17.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-298-02 advisory. - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of...
PT-2022-5230 · Heimdal +9 · Heimdal +9
Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A heap-based buffer overflow issue was found in the GSSAPI unwrap des and unwrap des3 routines of Heimdal, which is part of the Samba network interaction program. This issue allows a remote...
SUSE-SU-2022:3562-1 Security update for libgsasl
This update for libgsasl fixes the following issues: - CVE-2022-2469: Fixed OOB read in GSSAPI server bsc1201715...
SUSE-SU-2022:3561-1 Security update for libgsasl
This update for libgsasl fixes the following issues: - CVE-2022-2469: Fixed OOB read in GSSAPI server bsc1201715...
samba -- buffer overflow in Heimdal unwrap_des3()
The Samba Team reports: The DES for Samba 4.11 and earlier and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet...
curl: CVE-2022-32208: FTP-KRB bad message verification
Summary: libcurl handles gssunwrap GSSSBADSIG error incorrectly. This enables malicious attacker to inject arbitrary FTP server responses to GSSAPI protected FTP control connection and/or make the client consume unrelated heap memory as a FTP command response. The defective krb5decode function is...
PowerProxy - PowerShell SOCKS Proxy With Reverse Proxy Capabilities
PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/Password authentication i...
new packages: python-urllib-gssapi
An update is available for python-urllib-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...
new packages: python-requests-gssapi
An update is available for python-requests-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
new packages: python-gssapi
An update is available for python-gssapi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
new packages: perl-GSSAPI
An update is available for perl-GSSAPI. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Mageia: Security Advisory (MGASA-2020-0003)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
perl-GSSAPI bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...