Privilege Escalation
Samba is vulnerable to privilege escalation attacks. A remote authenticated attacker can send a specially crafted Privilege Attribute Certificate (PAC) to trigger an overflow and cause the target winbindd service to crash. Additionally, a local service with access to the winbindd privileged pipe can...
openSUSE Security Update : samba (openSUSE-2019-1292)
This update for samba fixes the following issues. Security issue fixed: CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060). Non-security issues fixed: Fix vfs_ceph ftruncate and fallocate handling...
Security update for samba (moderate)
openSUSE Security Update: Security update for samba. Announcement ID: openSUSE-SU-2019:1292-1. Rating: moderate. References: 1099590, 1123755, 1124223, 1127153, 1131060. Cross-References: CVE-2019-3880. Affected Products: openSUSE Leap 42.3. An update that solves one vulnerability and has four fixes is now...
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2019:1037-1)
This update for samba fixes the following issues. Security issue fixed: CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060). Non-security issues fixed: Fix vfs_ceph ftruncate and fallocate handling...
SUSE SLES11 Security Update : samba (SUSE-SU-2018:2329-1)
This update for samba fixes the following issues. The following security issues were fixed: CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411). The following other bugs were fixed: s3:winbindd: allow a fallback to NTLMSSP for LDAP connection...
EulerOS 2.0 SP1 : samba (EulerOS-SA-2017-1104)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using...
Scientific Linux Security Update : samba on SL7.x x86_64 (20170522)
Security Fixes: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users (CVE-2016-2125). A flaw was found in t...
RHEL 7 : samba (RHSA-2017:1265)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1265 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol,...
RedHat Update for samba RHSA-2017:1265-01
The remote host is missing an update for the...
ctdb, libsmbclient, libwbclient, samba security update
CentOS Errata and Security Advisory CESA-2017:1265. An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
samba: Flaws in Kerberos PAC validation can trigger privilege elevation
A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process...
Moderate: Red Hat Security Advisory: samba security and bug fix update
An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the...
ALPINE-CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the...
DEBIAN-CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the...
Privilege escalation
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the...
Scientific Linux Security Update : samba on SL6.x i386/x86_64 (20170321)
Security Fixes: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users (CVE-2016-2125). A flaw was found in t...