ALPINE-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

DEBIAN-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

Default credentials

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

CVE-2019-14833

CVE-2019-14833 affects Samba, specifically the AD DC password handling where a custom script for password complexity may fail to verify non‑ASCII passwords, potentially allowing weak passwords and dictionary attacks. Affected releases include Samba 4.5.0 up to but not including 4.9.15, and also 4...

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

DEBIAN-CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

Design/Logic Flaw

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

CVE-2012-6125

Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions...

CVE-2012-6125

CVE-2012-6125 applies to CHICKEN Scheme prior to 4.8.0, where hash table collision handling enables algorithmic complexity attacks that cause O(n) symbol-table lookups. The consumer-facing effect is resource-heavy lookups potentially impacting availability and response under crafted input. Severa...

Samba AD DC Check Password Script Weakness (CVE-2019-14833)

When the password contains multi-byte non-ASCII characters, the check password script of Samba AD DC does not receive the full password string. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...

Ubuntu 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-4167-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4167-1 advisory. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a...

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

UBUNTU-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

Samba AD DC check password script does not receive

Description Since Samba Version 4.5.0 a Samba AD DC can use a custom command to verify the password complexity. The command can be specified with the "check password script" smb.conf parameter. This command is called when Samba handles a user password change or a new user password is set. The...

Beers with Talos Ep. #64: Your problem isn’t complex, it's simply complexity

By Mitch Neff Beers with Talos BWT Podcast episode No. 64 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded Oct. 10, 2019 This episode lives up to its name, by trying to only take on a minimal topic and the...