19 matches found
Astra Linux - уязвимость в samba
In DCE/RPC, it is possible to share handles cookies for resource state between multiple connections through a mechanism called “association groups”. These handles can reference connections to our sam.ldb database. However, while the database is correctly shared, the user credentials are only...
Azure Linux 3.0 Security Update: samba (CVE-2021-3738)
The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3738 advisory. - In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a...
CLSA-2025-1760370936 Fix CVE(s): CVE-2021-3738
SECURITY UPDATE: improper handling of association groups can lead to use- after-free vulnerability - debian/patches/CVE-2021-3738.patch: Fix routines for preparing service before handling CVE-2021-3738 - debian/patches/CVE-2021-3738-1.patch: Fix DsBindAssocGroupAdmin to use admin credentials for...
EUVD-2021-27014
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-3738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handle...
CVE-2021-3738
...
VMWare vCenter Server DCERPC association groups use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1799 VMWare vCenter Server DCERPC association groups use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-20893 SUMMARY A use-after-free vulnerability exists in the library supporting DCERPC functionality in VMWare vCenter Server 7.0.3.01000. A seri...
SUSE CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-1413)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext...
CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
AZL-37005 CVE-2021-3738 affecting package samba for versions less than 4.18.3-1
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
AZL-8905 CVE-2021-3738 affecting package samba 4.12.5-7
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
ALPINE-CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
DEBIAN-CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
Design/Logic Flaw
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
CVE-2021-3738
CVE-2021-3738 affects Samba’s AD DC RPC server where memory could be freed in a sub-connection, leaving a stale struct session_info. Impact described as potential crash with a use-after-free that could allow higher-privilege state to be referenced. Affected context appears in Samba advisories and...
CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...
UBUNTU-CVE-2021-3738
In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...