SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3081-1)

This update for samba fixes the following issues : Update to samba 4.11.14 CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3...

SUSE SLES12 Security Update : samba (SUSE-SU-2020:3082-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...

EulerOS 2.0 SP9 : samba (EulerOS-SA-2020-2491)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - As Samba internally opens an underlying file system handle on a directory when a client requests an open, even for FILEREADATTRIBUTES then if the...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2491)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated samba packages fix security vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information CVE-2020-14318. Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

Denial Of Service (DoS)

samba is vulnerable to denial of service. The vulnerability exists through a null pointer dereference flaw found in the Winbind service which allows an attacker to cause an application crash...

Samba 3.6.x < 4.11.15 / 4.12.x < 4.12.9 / 4.13.x < 4.13.1 Multiple Vulnerabilities

The version of Samba running on the remote host is 3.6.x prior to 4.11.15, 4.12.x prior to 4.12.9, or 4.13.x prior to 4.13.1. It is, therefore, potentially affected by multiple vulnerabilities, including the following: - A null pointer dereference flaw was found in samba's Winbind service in...

openSUSE: Security Advisory for samba (openSUSE-SU-2020:1811-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : samba (openSUSE-2020-1819)

This update for samba fixes the following issues : Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in...

USN-4611-1 samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

OPENSUSE-SU-2020:1819-1 Security update for samba

This update for samba fixes the following issues: Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in...

Security update for samba (important)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2020:1811-1 Rating: important References: 1173902 1173994 1177613 Cross-References: CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...

Security update for samba (important)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2020:1819-1 Rating: important References: 1173902 1173994 1177613 Cross-References: CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Samba vulnerabilities (USN-4611-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4611-1 advisory. Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue...

AZL-7348 CVE-2020-14323 affecting package samba 4.12.5-7

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service...

CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service...

AZL-36989 CVE-2020-14323 affecting package samba for versions less than 4.18.3-1

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service...

CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service...

DEBIAN-CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service...