49 matches found
[SECURITY] Fedora 44 Update: ldns-1.9.2-1.fc44
ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to, for instance, create or sign packets...
EUVD-2023-44015
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : samba Multiple Vulnerabilities (NS-SA-2025-0133)
The remote NewStart CGSL host, running version MAIN 7.02, has samba packages installed that are affected by multiple vulnerabilities: - A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba...
TencentOS Server 3: samba (TSSA-2023:0202)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0202 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0093: samba (ALINUX3-SA-2023:0093)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0093 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-3347: A vulnerability was found in Samba's...
The vulnerability of the SMB2 packet signing mechanism in the Samba networking communication software allows an attacker to execute a type of “man-in-the-middle” attack.
The vulnerability of the SMB2 packet signing mechanism in the Samba network communication software is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to act remotely...
CentOS 9 : samba-4.18.5-100.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the samba-4.18.5-100.el9 build changelog. - An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM...
GLSA-202402-28 : Samba: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-28 Samba: Multiple Vulnerabilities - An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and...
ROS-20230920-01
Vulnerability of the winbindd_pam_auth_crap.c component of the Samba networking software package is related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. Vulnerability in SMB2 packet signing...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-316)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-316 advisory. When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager...
Updated samba packages fix security vulnerability
Out-of-bounds read due to insufficient length checks in winbindd_pam_auth_crap.c (CVE-2022-2127); Improper SMB2 packet signing mechanism leading to man in the middle risk (CVE-2023-3347); Infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight (CVE-2023-34966); Type Confusion...
Debian DSA-5477-1 : samba - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5477 advisory. - An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the clie...
USN-6238-1: Samba vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that Samba incorrectly handled Winbind NTLM authentication responses. An attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-2127...
FreeBSD : samba -- multiple vulnerabilities (441e1e1a-27a5-11ee-a156-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 441e1e1a-27a5-11ee-a156-080027f5fec9 advisory. - An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in...
Fedora 37 : samba (2023-bcd91bfcd3)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bcd91bfcd3 advisory. Update to version 4.17.10, Security fixes for CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967 and CVE-2023-34968 ---- Fix netlogon...
[slackware-security] samba
New samba packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.18.5-i586-1slack15.0.txz: Upgraded. PLEASE NOTE: We are taking the unusual step of moving to the latest Samba branch because...
AlmaLinux 9 : samba (ALSA-2023:4325)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4325 advisory. - A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured server signing = required or f...
AlmaLinux 8 : samba (ALSA-2023:4328)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4328 advisory. - A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured server signing = required or f...
Oracle Linux 8 : samba (ELSA-2023-4328)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4328 advisory. 4.17.5-3.0.1 - Fix memleak in _nss_winbind_initgroups_dyn Orabug: 34727815 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8...
Oracle Linux 9 : samba (ELSA-2023-4325)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4325 advisory. 4.17.5-103.0.1 - Fix memleak in _nss_winbind_initgroups_dyn Orabug: 34994509 4.17.5-103 - resolves: rhbz2223600 - Fix trust relationship between workstation and DC ...