NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2021-0024)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities: - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above...

EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2021-1625)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, whi...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1517)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2021-1533)

According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel...

EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2021-1517)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, whi...

EulerOS 2.0 SP2 : samba (EulerOS-SA-2021-1357)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user...

Security Bulletin: Multiple vulnerabilities in samba affect IBM Spectrum Scale SMB protocol access method.

Summary Multiple samba vulnerabilities affect IBM Spectrum Scale SMB protocol access method that could cause denial of service. A fix for these vulnerabilities is available. Vulnerability Details CVEID: CVE-2020-14318 DESCRIPTION: Samba could allow a remote authenticated attacker to obtain...

EulerOS 2.0 SP3 : samba (EulerOS-SA-2021-1118)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves...

Critical: samba

Issue Overview: A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. CVE-2020-14318 A null pointer dereference flaw was fou...

Amazon Linux AMI : samba (ALAS-2021-1469)

The version of samba installed on the remote host is prior to 4.10.16-9.56. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1469 advisory. A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to...

CentOS 7 : samba (RHSA-2020:5439)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5439 advisory. - A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file an...

Critical: samba

Issue Overview: A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. CVE-2020-14318 A null pointer dereference flaw was fou...

Amazon Linux 2 : samba (ALAS-2021-1585)

The version of samba installed on the remote host is prior to 4.10.16-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1585 advisory. A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gai...

RHEL 7 : samba (RHSA-2020:5439)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5439 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

Oracle Linux 7 : samba (ELSA-2020-5439)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5439 advisory. - resolves: 1892632 - Fix CVE-2020-14318 - resolves: 1891687 - Fix CVE-2020-14323 - resolves: 1879834 - Fix CVE-2020-1472 Tenable has extracted the...

samba security and bug fix update

4.10.17-9 - related: 1853272 - Add back missing patch hunks 4.10.16-8 - resolves: 1878205 - Fix restarting winbind on package upgrade - resolves: 1892632 - Fix CVE-2020-14318 - resolves: 1891687 - Fix CVE-2020-14323 - resolves: 1879834 - Fix CVE-2020-1472 - resolves: 1892313 - Fix memory leak in...

Moderate: Red Hat Security Advisory: samba security and bug fix update

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

samba: Unprivileged user can crash winbind

A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability...

SUSE SLES12 Security Update : samba (SUSE-SU-2020:3093-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...