52 matches found
MiracleLinux 7 : samba-4.6.2-12.el7 (AXSA:2017-2417:07)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2417:07 advisory. A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB...
Slackware: Security Advisory (SSA:2017-332-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0023)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2321-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:3104-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:3155-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2017-1314)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i
Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-15275 DESCRIPTION: Samba could allow a remote attacker to obtain sensitive information, caused by a heap memory information leak. By sending a specially crafted request, an attacker...
Security Bulletin: Multiple vulnerabilities in Open Source Samba affect IBM Netezza Host Management
Summary Open Source Samba is used by IBM Netezza Host Mangement. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-12163 DESCRIPTION: Samba could allow a remote authenticated attacker to obtain sensitive information, caused by a memory leak over...
NewStart CGSL MAIN 5.04 : samba Multiple Vulnerabilities (NS-SA-2019-0003)
The remote NewStart CGSL host, running version MAIN 5.04, has samba packages installed that are affected by multiple vulnerabilities: - A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending...
EulerOS Virtualization 3.0.1.0 : samba (EulerOS-SA-2019-1447)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send...
EulerOS Virtualization 2.5.0 : samba (EulerOS-SA-2018-1238)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send...
Fedora Update for samba FEDORA-2018-8e4d871867
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Samba vulnerability affects IBM Storwize V7000 Unified (CVE-2017-15275, CVE-2017-14746 )
Summary IBM Storwize V7000 Unified is shipped with Samba, for which a fix is available for security vulnerability. Vulnerability Details Samba is used in IBM Storwize V7000 Unified to enable file management and authentication services for Microsoft Windows environments. CVEID: CVE-2017-15275...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Stefan Metzmacher discovered that Samba incorrectly...
Samba SMB1 Server Use After Free (CVE-2017-14746)
A use after free vulnerability exists in the SMB1 component of Samba. The vulnerability is due to insufficient handling of TIDs in certain circumstances. A remote, authenticated attacker could exploit this vulnerability by sending maliciously crafted commands to the target server...
Amazon Linux AMI : samba (ALAS-2017-933)
Use-after-free in processing SMB1 requests A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially crafted SMB1 requests to cause the server to crash or execute arbitrary code. CVE-2017-14746 Server heap-memory...
Important: samba
Issue Overview: Use-after-free in processing SMB1 requests A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. CVE-2017-14746 Server...
openSUSE Security Update : samba (openSUSE-2017-1316)
This update for samba fixes the following issues : Security issues fixed : - CVE-2017-14746: Use-after-free vulnerability bsc1060427. - CVE-2017-15275: Server heap memory information leak bsc1063008. - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file bsc1058624. ...
openSUSE Security Update : samba (openSUSE-2017-1315)
This update for samba fixes the following issues : Security issues fixed : - CVE-2017-14746: Use-after-free vulnerability bsc1060427. - CVE-2017-15275: Server heap memory information leak bsc1063008. Bug fixes : - Update 'winbind expand groups' doc in smb.conf man page bsc1027593. This update was...