Critical: Red Hat Security Advisory: samba3x security update

Updated samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...

samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...

Critical: Red Hat Security Advisory: samba4 security update

Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...

Critical: Red Hat Security Advisory: samba security update

Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

Unexpected code execution in smbd.

Description All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution vulnerability in the smbd file server daemon. A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet...

samba security update

3.6.23-14.0.1 - Remove use-after-free talloctos inlined function problem John Haxby orabug 18253258 3.6.23-14 - related: 1191338 - Update patchset for CVE-2015-0240. 3.6.23-13 - resolves: 1191338 - CVE-2015-0240: RCE in netlogon...

CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets...

samba3x security update

3.6.23-9 - related: 1191608 - Update patchset for CVE-2015-0240. 3.6.23-8 - resolves: 1191608 - CVE-2015-0240: RCE in netlogon...

samba security update

4.1.1-38 - resolves: 1194132 - CVE-2015-0240: RCE in netlogon server...

UBUNTU-CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets...

Debian: Security Advisory (DSA-3171-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : samba (openSUSE-SU-2012:0507-1)

" - Add the ldapsmb sources as else patches against them have no chance to apply. - Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe- cution as the 'root' user; PIDL based autogenerated code allows overwriting beyond of allocated array; CVE-2012-1182; bso8815...

samba3x security and bug fix update

3.6.6-0.136 - resolves: 984807 - CVE-2013-4124: DoS via integer overflow when reading an EA list 3.6.6-0.135 - Fix PIDL parsing with newer versions of gcc. - Fix dereferencing a unique pointer in the WKSSVC server. - resolves: 982484 3.6.6-0.134 - Check for system libtevent and require version...

Null pointer dereference

The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, and R2, when the domain controller role is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and reboot via a crafted RPC packet, aka "Netlogon RPC Null dereference DOS...

CVE-2010-2742

The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, and R2, when the domain controller role is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and reboot via a crafted RPC packet, aka "Netlogon RPC Null dereference DOS...

CVE-2010-2742

The CVE affects the Netlogon RPC Service in Windows Server 2003 SP2 and Windows Server 2008 Gold/SP2/R2 when the domain controller role is enabled. A remote attacker can trigger a denial-of-service via a crafted Netlogon RPC packet, causing a NULL pointer dereference and reboot. The issue is docu...

Microsoft Windows Netlogon Service Denial of Service Vulnerability (2207559)

This host is missing a critical security update according to Microsoft Bulletin MS10-101. OpenVAS Vulnerability Test $Id: secpodms10-101.nasl 5361 2017-02-20 11:57:13Z cfi $ Microsoft Windows Netlogon Service Denial of Service Vulnerability 2207559 Authors: Antu Sanadi Copyright: Copyright c 2010...

MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)

The remote Windows host contains a version of the NetLogon RPC service that is affected by a denial of service vulnerability. An attacker with administrative privileges on a machine that is joined to the same domain as the affected domain controller could cause a denial of service by sending a...

Microsoft Windows multiple security vulnerabilities

OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...