Microsoft Windows SMBv3 Remote Code Execution Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. Microsoft Windows SMBv3 remote code execution vulnerability. An unauthorized remote attacker can perform remote code execution via a carefully constructed request packet...

Microsoft Server Message Block RCE Vulnerability

Microsoft has released a security advisory to address a remote code execution vulnerability CVE-2020-0796 in Microsoft Server Message Block 3.1.1 SMBv3. A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows clien...

Important: kernel-livepatch-4.14.165-133.209

Issue Overview: An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.CVE-2019-15918 In the Linux kernel before 5.1, there is a memory leak in...

The vulnerability of the SMB Server component of the Oracle Solaris operating system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the SMB Server component of the Oracle Solaris operating system is related to lack of access control mechanisms. Exploiting this vulnerability can allow an attacker to modify, add, or delete data...

The vulnerability of the Oracle Solaris operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the Oracle Solaris operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service failures using the SMB protocol over the network...

CVE-2020-6963

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execut...

The vulnerability of the Linux operating system’s kernel-based SMB client allows a hacker to manipulate files in the client’s directory.

The vulnerability of the Linux operating system’s kernel-based SMB client exists due to an incorrect pathname limitation for the restricted access directory. Exploiting this vulnerability allows a malicious actor to remotely manipulate files within the client’s directory...

Unspecified Vulnerability in Oracle Solaris (CNVD-2020-03246)

Oracle Solaris is a Unix-like operating system. An unspecified vulnerability exists in the SMB Server component of Oracle Solaris 11. An attacker could exploit this vulnerability to compromise integrity...

CVE-2020-2558

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMB to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris,...

PT-2020-1519 · Oracle · Oracle Solaris

Name of the Vulnerable Software and Affected Versions: Oracle Solaris version 11 Description: The issue is related to insufficient access control in the kernel of Oracle Solaris, allowing an unauthenticated attacker with network access via the SMB protocol to compromise the system. Successful...

CVE-2019-1443

An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The...

kernel: use-after-free information leak in SMB2_read

An issue was discovered in the Linux kernel's implementation of the CIFS protocol. The SMB2read function has a possible use-after-free when CIFS function tracing is enabled. While data is used after being freed, it is has not been determined how it could be used for privilege escalation...

D-Link DIR-865L Path Traversal Vulnerability

The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DIR-865L that stems from a failure to properly configure the SMB service. The vulnerability can be exploited to create a symbolic link to the root directory of the router's fil...

Moderate: Red Hat Security Advisory: samba security and bug fix update

An update for samba is now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

PT-2019-6974 · D Link +1 · D-Link Dir-865L +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-865L affected versions not specified Description: The issue is related to a misconfiguration in the SMB service, allowing symbolic links to be created to locations outside of the Samba share, which is known as SMB Symlink Traversal...

Tcpdump SMB parser memory corruption vulnerability

tcpdump is a message analysis tool. A memory corruption vulnerability exists in tcpdump SMB parser print-smb.c:printtrans, which can be exploited by remote attackers to submit a special request that can crash an application...

ALPINE-CVE-2018-16452

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...

DEBIAN-CVE-2018-16452

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...

ALPINE-CVE-2018-10103

tcpdump before 4.9.3 mishandles the printing of SMB data issue 1 of 2...

DEBIAN-CVE-2018-10105

tcpdump before 4.9.3 mishandles the printing of SMB data issue 2 of 2...