14 matches found
smb4k-4.0.5-1.2 on GA media (moderate)
smb4k-4.0.5-1.2 on GA media Announcement ID: openSUSE-SU-2026:10370-1 Rating: moderate Cross-References: CVE-2017-8849 CVE-2025-66002 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...
Mageia: Security Advisory (MGASA-2017-0171)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3951-1 : smb4k - security update
Sebastian Krahmer discovered that a programming error in the mount helper binary of the Smb4k Samba network share browser may result in local privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debia...
[SECURITY] [DSA 3951-1] smb4k security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3951-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 22, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1002-1] smb4k security update
Package : smb4k Version : 1.2.1-2deb7u1 CVE ID : CVE-2017-8849 Debian Bug : 862505 Sebastian Krahmer from SUSE discovered that smb4k, a Samba SMB share advanced browser, contains a logic flaw in which the mount helper binary does not properly verify the mount command it is being asked to run. Thi...
MGASA-2017-0171 Updated smb4k packages fix security vulnerability
Smb4k contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid CVE-2017-8849...
Updated smb4k packages fix security vulnerability
Smb4k contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid CVE-2017-8849...
Fedora 24 : smb4k (2017-aceb424894)
Security fix for CVE-2017-8849. https://www.kde.org/info/security/advisory-20170510-2.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 25 : smb4k (2017-2cc18e2b3b)
Security fix for CVE-2017-8849. https://www.kde.org/info/security/advisory-20170510-2.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Security fix for the ALT Linux 8 package kde5-smb4k version 2.0.1-alt1.M80P.1
2.0.1-alt1.M80P.1 built May 19, 2017 Sergey V Turchin in task 183142 --- May 19, 2017 Sergey V Turchin - security fixes: CVE-2017-8849...
openSUSE Security Update : smb4k (openSUSE-2017-595)
This update for smb4k fixes the following issues : - Disabled dbus service and polkit rules, because this version of smb4k has a local root exploit issue boo1036245, CVE-2017-8849. Automatic mounting will no longer be possible to work around this security issue. %NASLMINLEVEL 70300 C Tenable...
CVE-2017-8849
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service...
CVE-2017-8849
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service...
CVE-2017-8849
CVE-2017-8849 affects smb4k, a KDE SMB/CIFS share browser. A logic flaw in the mount helper binary (typically installed setuid) may allow a local user to execute arbitrary commands as root by abusing mount command handling. Public advisories (Debian DSA-3951-1, Mageia, Gentoo GLSA, Fedora package...