MiracleLinux 4 : samba4-4.2.10-15.0.1.AXS4 (AXSA:2021-1573:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1573:01 advisory. samba: Netlogon elevation of privilege vulnerability Zerologon CVE-2020-1472 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify...

MiracleLinux 8 : openchange-2.3-27.el8, samba-4.13.3-3.el8 (AXSA:2021-2082:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2082:01 advisory. samba: Netlogon elevation of privilege vulnerability Zerologon CVE-2020-1472 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify...

CentOS 8 : samba (CESA-2021:1647)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1647 advisory. - samba: Missing handle permissions check in SMB1/2/3 ChangeNotify CVE-2020-14318 - samba: Unprivileged user can crash winbind CVE-2020-14323 - samba:...

samba security, bug fix, and enhancement update

An update is available for samba, openchange. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block...

USN-4931-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : samba (RHSA-2020:5439)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5439 advisory. - A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file an...

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...

openSUSE Security Update : samba (openSUSE-2020-1811)

This update for samba fixes the following issues : - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Samba vulnerabilities (USN-4611-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4611-1 advisory. Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue...

SUSE-SU-2020:3081-1 Security update for samba

This update for samba fixes the following issues: Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in...

Missing handle permissions check in SMB1/2/3

Description The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can request file name notification on a directory handle when a condition such as "new file creation" or "file size change" or "file timestamp update" occurs. A missing permissions check on a directory handle...

PT-2020-6720 · Samba +9 · Samba +9

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A flaw was found in the way Samba handled file and directory permissions, allowing an authenticated user to gain access to certain file and directory information that would otherwise be...