19 matches found
CVE-2026-27884
NetExec is a network execution tool. Prior to version 1.5.1, the module spiderplus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account that it is possible for Linux SMB shares to have path traversal characters such as ../ in them. An...
Debian dsa-6092 : smb4k - security update
The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6092 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6092-1 [email protected] https://www.debian.org/securit...
EUVD-2014-2119
Malware in sbrugna...
EUVD-2018-9697
Malware in sbrugna...
smbmap
This is a Python script for a tool called SMBMap, which is designed to enumerate Samba share drives across an entire domain. The tool allows users to list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute...
CVE-2021-1751
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
samba bug fix and enhancement update
An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...
CVE-2023-23513
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
PT-2023-19021 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.2 Description: A buffer overflow issue was addressed with improved memory handling. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. Recommendations: For versions prior to 13....
PT-2022-18029 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.4 macOS Big Sur versions prior to 11.6.6 Description: A memory corruption issue was addressed with improved input validation. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
Medium: samba
Issue Overview: A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba...
DEBIAN-CVE-2019-3880
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...
CVE-2018-17956 Password exposed in process listing
In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list...
CVE-2018-17956
CVE-2018-17956 affects the yast2-samba-provision component. Up to and including version 1.0.1, it leaked Samba-share passwords by passing them on the command line to tools used by yast2-samba-provision, enabling local attackers to read credentials in the process list. Several connected advisories...
CVE-2014-2079
X File Explorer aka xfe might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares...
DEBIAN-CVE-2014-2079
X File Explorer aka xfe might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares...
[ASA-201806-12] cantata: multiple issues
Arch Linux Security Advisory ASA-201806-12 ========================================== Severity: High Date : 2018-06-20 CVE-ID : CVE-2018-12559 CVE-2018-12560 CVE-2018-12561 CVE-2018-12562 Package : cantata Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-721 Summary...
MS11-043: Vulnerability in SMB Client could allow remote code execution: June 14, 2011
MS11-043: Vulnerability in SMB Client could allow remote code execution: June 14, 2011 Not sure if this is the right fix? We've added this issue to our memory dump diagnostic which can confirm.This security update was rereleased on August 9, 2011, and this security release contains an updated...
Mozilla: Information disclosure though Windows file shares and shortcut files (MFSA 2012-37)
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...