24 matches found
EUVD-2023-53981
Malicious code in bioql PyPI...
EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2024-1704)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when...
EulerOS Virtualization 2.11.1 : samba (EulerOS-SA-2024-1408)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when...
EulerOS 2.0 SP10 : samba (EulerOS-SA-2024-1097)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS...
EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2024-1047)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when...
EulerOS 2.0 SP10 : samba (EulerOS-SA-2024-1073)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS...
Medium: samba
Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...
RHEL 9 : samba (RHSA-2023:7371)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7371 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
samba: SMB clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-416)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-416 advisory. Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
AZL-31900 CVE-2023-4091 affecting package samba 4.12.5-7
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091
CVE-2023-4091 affects Samba, where the acl_xattr VFS module can allow an SMB client to truncate files to zero bytes even when opened with read-only access. This occurs when acl_xattr:ignore system acls = yes and the client uses an OVERWRITE create disposition, bypassing kernel permissions checks....
CVE-2023-4091 Samba: smb clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091 Samba: smb clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
CVE-2023-4091
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
samba: SMB clients can truncate files with read-only permissions
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...
OESA-2023-1757 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...
USN-6425-2: Samba regression
USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sri Nagasubramanian discovered...