RedHat Update for samba RHSA-2012:0313-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2010-1148

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

Null pointer dereference

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

CVE-2010-1148

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

CVE-2010-1148

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

Ubuntu Update for samba vulnerability USN-918-1

Ubuntu Update for Linux kernel vulnerabilities USN-918-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9181.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for samba vulnerability USN-918-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

USN-918-1: Samba vulnerability

It was discovered the Samba handled symlinks in an unexpected way when both "wide links" and "UNIX extensions" were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server...

Directory traversal

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

CVE-2010-0926

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

Change parameter "wide links" to default to "no";

Description The problem comes from a combination of two features in Samba, each of which on their own are useful to Administrators, but in combination allow users to access any file on the system that their logged in username has permissions to read this is not a privilege escalation problem. By...

CIFS should honor umask

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges...

CIFS should honor umask

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges...

Debian DSA-1237-1 : kernel-source-2.4.27 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4093 Olof Johansson reported a local DoS Denia...

CVE-2006-5871

CVE-2006-5871 affects the Linux kernel (notably 2.6.8 and 2.4.x prior to 2.4.34) where UNIX extensions are enabled. The vulnerability arises because smbfs ignores certain mount options, allowing a client to end up using server-specified uid, gid, and mode settings. Connected records (e.g., Debian...

CVE-2006-5871

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings...

security flaw

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings...