6 matches found

OSV
added 2023/07/20 3:15 p.m. · 0 views

AZL-44029 CVE-2022-2127 affecting package samba 4.12.5-7

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

CVSS 5.9 · AI score 6.7 · EPSS 0.01225
Exploits: 0 · References: 1
CNNVD
added 2023/07/20 12:0 a.m. · 2 views

Samba buffer error vulnerability

Samba is the standard Windows interoperability program suite for Linux and Unix. Samba suffers from a code issue vulnerability that stems from not properly handling Winbind NTLM authentication responses. An attacker could exploit this vulnerability to cause a denial of service...

CVSS 5.9 · AI score 7.1 · EPSS 0.01225
Exploits: 0 · References: 12
SUSE CVE
added 2023/07/19 11:25 p.m. · 1 views

SUSE CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

CVSS 5.9 · AI score 6.9 · EPSS 0.01225
Exploits: 0 · References: 17
Positive Technologies
added 2023/07/19 12:0 a.m. · 5 views

PT-2023-3678 · Samba +9

Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified). Description: The issue is related to an out-of-bounds read vulnerability in Samba due to insufficient length checks in the winbindd_pam_auth_crap.c component. This vulnerability can be exploited when...

CVSS 9.8 · AI score 7 · EPSS 0.94006
Exploits: 17 · References: 230
SUSE CVE
added 2023/02/15 5:43 a.m. · 2 views

SUSE CVE-2012-6150

The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...

CVSS 3.6 · AI score 7 · EPSS 0.00125
Exploits: 1 · References: 10
OSV
added 2011/03/01 11:0 p.m. · 2 views

DEBIAN-CVE-2011-0719

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of...

CVSS 5 · AI score 7.2 · EPSS 0.10347
Exploits: 0 · References: 1