EMC Replication Manager and EMC Networker Module for Microsoft Remote Code Execution Vulnerability

EMC Replication Manager RM and so on are the products of the United States EMC EMC. RM is a set of EMC storage arrays in the data replication products provide an integrated management platform software; EMC Networker Module for Microsoft NMM is a set of Microsoft applications for the provision of...

Arbitrary Code Execution Vulnerability in Multiple EMC Products

EMC VNX2 File OE and others are hybrid storage platforms from EMC Corporation USA. A security vulnerability exists in the SMB server implementation of several EMC products, which can be exploited to execute arbitrary code and read or write files by sending a series of authentication requests...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the SMBv1 server in Windows operating systems is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted packets...

CVE-2016-3345

The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Authenticat...

Windows SMB Authenticated Remote Code Execution Vulnerability

For Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 operating systems, a remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 Server handles certain requests when an authenticated attacker sends specially crafted packets...

MS16-114: Security Update for Windows SMBv1 Server (3185879)

The remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in the Microsoft Server Message Block 1.0 SMBv1 Server due to improper handling of certain requests. An authenticated, remote attacker can exploit this, via specially crafted...

UBUNTU-CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

CentOS Update for samba CESA-2016:1486 centos7

Check the version of samba SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882527";...

Moderate: Red Hat Security Advisory: samba4 security update

An update for samba4 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2016-3225

The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication...

Windows SMB Server Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the Microsoft Server Message Block SMB when an attacker forwards an authentication request intended for another service running on the same machine. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevat...

SMB Remote Version Detection

Detection of Server Message BlockSMB. This script sends SMB Negotiation request and try to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

EMC Isilon OneFS and EMC IsilonSD Man-in-the-Middle Attack Vulnerabilities

EMC Isilon OneFS and EMC IsilonSD Edge are both products from EMC Corporation USA. The former is a distributed file system that supports EMC Isilon a horizontally scalable storage system, and the latter is a data management solution for simplifying data management in remote offices or edge...

Samba MS-SAMR/MS-LSAD Man-in-the-Middle Attack Vulnerability

Samba is a freeware implementation of the SMB protocol on Linux and UNIX systems, consisting of a server and a client program. Samba versions 3.6.0-4.4.0 have a security vulnerability in the MS-SAMR and MS-LSAD protocols due to not properly handling DCERPC connections. It could allow a...

Samba Security Bypass Vulnerability

Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. The Samba client's Server Message Block SMB signature fails to use the SMB1 protocol, allowing an attacker to exploit this...

The vulnerability of the Samba file system allows a perpetrator to modify any list of access controls they desire.

The vulnerability of the SMB1 component “smbd” of the Samba file system is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to modify arbitrary access control lists by using the UNIX SMB1 protocol to create symbolic links...

samba: Samba based active directory domain controller does not enforce smb signing

It was discovered that Samba did not enforce Server Message Block SMB signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server...

samba: Samba based active directory domain controller does not enforce smb signing

It was discovered that Samba did not enforce Server Message Block SMB signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server...

samba: Smb signing not required by default when smb client connection is used for ipc usage

It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...

RHEL 6 : samba4 (RHSA-2016:0620)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0620 advisory. Samba is an open-source implementation of the Server Message Block SMB or Common Internet File System CIFS protocol, which allows...