
1851 matches found

Positive Technologies
added 2022/03/25 12:0 a.m. · 2 views

PT-2022-15765 · Afp +5 · Afp +5

Name of the Vulnerable Software and Affected Versions: SMB and AFP (affected versions not specified). Description: The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting this combination of primitives, an attacker can...

CVSS 10 · AI score 8 · EPSS 0.18903
Exploits 4 · References 68

BDU FSTEC
added 2022/03/16 12:0 a.m. · 5 views

The vulnerability in the implementation of the Windows SMB network protocol of the Microsoft operating system allows a perpetrator to disclose protected information.

The vulnerability of the Windows SMB network protocol implementation in Microsoft Windows is related to information disclosure. Exploiting this vulnerability can allow an attacker to disclose protected information...

CVSS 5.5 · AI score 6.2 · EPSS 0.0074
Exploits 0 · References 3

AlmaLinux
added 2022/03/15 9:12 a.m. · 23 views

samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: Samba 4.14.5 - virusfiltervfsopenat: Not...

AI score 3.9
Exploits 0

CNNVD
added 2022/03/14 12:0 a.m. · 4 views

Apple macOS Monterey buffer error vulnerability

Apple macOS Monterey is the 18th major release of Apple's macOS for the Macintosh desktop operating system. A buffer error vulnerability exists in Apple macOS Monterey versions prior to 12.3, which originates from a boundary error in the system's SMB daemon when handling untrusted input. A remote...

CVSS 7.8 · AI score 7.9 · EPSS 0.01807
Exploits 0 · References 6

Positive Technologies
added 2022/03/08 12:0 a.m. · 2 views

PT-2022-1967 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: The issue is related to the implementation of the Server Message Block SMBv3 protocol in Microsoft Windows, specifically concerning incorrect code generation management. This can ...

CVSS 9 · AI score 8.6 · EPSS 0.02609
Exploits 0 · References 8

BDU FSTEC
added 2022/03/04 12:0 a.m. · 5 views

The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.

The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted SMB request...

CVSS 7.8 · AI score 7.4 · EPSS 0.01214
Exploits 0 · References 4 · Affected Software 1

OSV
added 2022/02/28 7:15 p.m. · 6 views

CVE-2020-22844

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests...

CVSS 7.5 · AI score 6.1 · EPSS 0.01214
Exploits 0 · References 2

CNNVD
added 2022/02/28 12:0 a.m. · 4 views

Mikrotik RouterOS security vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in PCs to enable them to provide router functionality. A security vulnerability exists in Mikrotik RouterOS 6.47 that allows an unauthenticated attacker to cause a deni...

CVSS 7.5 · AI score 7.4 · EPSS 0.01214
Exploits 0 · References 3

OSV
added 2022/02/18 6:15 p.m. · 1 views

DEBIAN-CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

CVSS 5.9 · AI score 6.5 · EPSS 0.0176
Exploits 0 · References 1

OSV
added 2022/02/18 6:15 p.m. · 5 views

AZL-36986 CVE-2016-2124 affecting package samba for versions less than 4.18.3-1

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

CVSS 5.9 · AI score 6.6 · EPSS 0.0176
Exploits 0 · References 1

RedHat Linux
added 2022/01/31 4:42 p.m. · 91 views

Critical: Red Hat Security Advisory: samba security and bug fix update

An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9 · AI score 7.4 · EPSS 0.74042
Exploits 1 · References 4

OSV
added 2022/01/31 12:0 a.m. · 4 views

UBUNTU-CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succee...

CVSS 4.3 · AI score 6.8 · EPSS 0.01097
Exploits 0 · References 3

Positive Technologies
added 2022/01/31 12:0 a.m. · 14 views

PT-2022-1497 · Samba +9 · Samba +9

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.15.5. Description: The issue allows a malicious client to use a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. This can be...

CVSS 9.8 · AI score 6.2 · EPSS 0.74265
Exploits 16 · References 184

OSV
added 2022/01/11 4:15 p.m. · 2 views

ALPINE-CVE-2021-43566

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...

CVSS 2.5 · AI score 6.8 · EPSS 0.00376
Exploits 1 · References 1

RedHat Linux
added 2022/01/04 8:27 a.m. · 3 views

samba: SMB1 client connections can be downgraded to plaintext authentication

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

CVSS 5.9 · AI score 6.8 · EPSS 0.0176
Exploits 0 · References 5

Positive Technologies
added 2021/12/20 12:0 a.m. · 7 views

PT-2021-23697 · Samsung · Samsung Scx-6X55X

Name of the Vulnerable Software and Affected Versions: Samsung SCX-6x55X printers (affected versions not specified). Description: The issue allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code of the SyncThru Web Service. Authentication is...

CVSS 7.5 · AI score 7.6 · EPSS 0.01789
Exploits 1 · References 6

CNNVD
added 2021/12/20 12:0 a.m. · 1 views

Apache Solr path traversal vulnerability

Apache Solr is a search server from the Apache Foundation (United States), based on the Lucene full-text search engine. The product supports level search, vertical search, highlighting of search results and so on. Apache Solr has a security vulnerability that can be exploited by an attacker to gai...

CVSS 9.8 · AI score 5.7 · EPSS 0.05087
Exploits 0 · References 4

OSV
added 2021/12/13 8:15 a.m. · 25 views

RLSA-2021:5082 Important: samba security update

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Active Directory (AD) domain user could become root...

CVSS 8.1 · AI score 7.4 · EPSS 0.01906
Exploits 0 · References 4

BDU FSTEC
added 2021/12/13 12:0 a.m. · 5 views

A vulnerability in the SMB1 protocol implementation in the Samba networking software allows a client connection to be switched to plaintext authentication. This allows attackers to carry out a “man-in-the-middle” attack.

The vulnerability in the SMB1 protocol implementation in the Samba networking software lies in the ability to switch the client connection to plaintext authentication. Exploiting this vulnerability allows a remote attacker to carry out a “man-in-the-middle” attack...

CVSS 10 · AI score 6.7 · EPSS 0.0176
Exploits 0 · References 16 · Affected Software 8

RedHat Linux
added 2021/11/29 12:38 p.m. · 3 views

samba: SMB1 client connections can be downgraded to plaintext authentication

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

CVSS 5.9 · AI score 6.8 · EPSS 0.0176
Exploits 0 · References 5