RHEL 4 : samba (RHSA-2016:0625)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0625 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

K37603172: Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118

Security Advisory Description CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumptio...

SUSE CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data...

Slackware: Security Advisory (SSA:2016-106-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Samba – including Badlock – affect ProtecTIER

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by ProtecTIER. ProtecTIER has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to...

SUSE: Security Advisory (SUSE-SU-2016:1024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2016-1014)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Samba, including Badlock, affect IBM i

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to gain elevated privileges on the system, caused by the acceptance of...

Security Bulletin: Multiple vulnerabilities in ISC BIND and Samba - including Badlock - affect IBM Netezza Host Management

Summary ISC BIND is used by IBM Netezza Host Management. Samba is delivered in IBM Netezza Host Management RHEL 5.11 and 6.6 OS upgrade kits. IBM Netezza Host Management has addressed the applicable CVEs including the vulnerability commonly referred to as "Badlock." Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in Samba – including Badlock - affect IBM Spectrum Scale SMB protocol access method

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM Spectrum Scale SMB protocol access method. IBM Spectrum Scale has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTIO...

Security Bulletin: Multiple vulnerabilities in Samba - including Badlock - Transformation Extender Hypervisor Edition

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by Transformation Extender Hypervisor Edition. Transformation Extender Hypervisor Edition has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in Samba –including Badlock - affect IBM OS Images for Red Hat Linux Systems.

Summary Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM OS Images for Red Hat Linux Systems. IBM OS Images for Red Hat Linux Systems has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2118 DESCRIPTION: Samba could allow a remote attacker to gain...

EulerOS 2.0 SP1 : samba (EulerOS-SA-2016-1014)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of...

GLSA-201612-47 : Samba: Multiple vulnerabilities (Badlock)

The remote host is affected by the vulnerability described in GLSA-201612-47 Samba: Multiple vulnerabilities Multiple vulnerabilities have been discovered in samba. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code wit...

USN-2950-5: Samba regression

USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlmauth tool. This update fixes the problem. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation....

Ubuntu 12.04 LTS : samba regressions (USN-2950-4) (Badlock)

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the 'client ipc signing' parameter to 'auto'. We apologiz...

USN-2950-4: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". We apologiz...

F5 Networks BIG-IP : Samba vulnerabilities (K37603172) (Badlock)

CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumption, or possibly execute arbitra...

Ubuntu 14.04 LTS / 16.04 LTS : Samba regressions (USN-2950-3)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2950-3 advisory. USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update...

USN-2950-2: libsoup update

USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...