17 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-4154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only...
Western Digital My Cloud Multiple Products 5.x < 5.30.103 Multiple Vulnerabilities (WDC-25001)
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for samba (SUSE-SU-2023:4059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for samba (SUSE-SU-2023:4046-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-3286)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6425-1: Samba vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to...
CVE-2023-4154
Samba CVE-2023-4154 describes a DirSync control flaw that exposes domain passwords/secrets to privileged users and RODCs, allowing access to all attributes (including krbtgt) and potentially bypassing the RODC/DC boundary. Exploitation is indicated as network-exploitable with low privileges and n...
Fedora: Security Advisory for samba (FEDORA-2023-fff0c857d6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4096-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:4096-1 Security update for samba
This update for samba fixes the following issues: - CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. bsc1215904 - CVE-2023-42669: Fixed a bug in 'rpcecho' development server which allows Denial of Service via sleep call on AD DC. bso1215905 - CVE-2023-4154:...
Slackware: Security Advisory (SSA:2023-284-03)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5525-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5525-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 11, 2023 https://www.debian.org/security/faq -...
SUSE-SU-2023:4046-1 Security update for samba
This update for samba fixes the following issues: - CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. bsc1215904 - CVE-2023-42669: Fixed a bug in 'rpcecho' development server which allows Denial of Service via sleep call on AD DC. bsc1215905 - CVE-2023-42670:...
[slackware-security] samba
New samba packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.18.8-i586-1slack15.0.txz: Upgraded. This is a security release in order to address the following defects: Unsanitized pipe name...
Samba 4.0.0 < 4.17.12, 4.18.0 < 4.18.8, 4.19.0 Multiple Vulnerabilities
Samba is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...
Ubuntu: Security Advisory (USN-6425-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6425-1: Samba vulnerabilities
Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. CVE-2023-4091 Andrew Bartlett discovered that Samba incorrectly handl...