Samba 4.10.0 < 4.13.14, 4.14.0 < 4.14.10, 4.15.0 < 4.15.2 DCE/RPC Fragment Injection Vulnerability

Samba is prone to a DCE/RPC fragment injection vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

CVE-2021-3738

In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...

CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements. Mitigation Setting dcesrv:max auth states=0 in the...

CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...

Subsequent DCE/RPC fragment injection vulnerability

Description Samba implements DCE/RPC, and in most cases it is provided over and protected by the underlying SMB transport, with protections like 'SMB signing'. However there are other cases where large DCE/RPC request payloads are exchanged and fragmented into several pieces. If this happens over...

CVE-2021-3738

In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...

[SECURITY] [DSA 4946-2] openjdk-11-jre-dcevm update

------------------------------------------------------------------------- Debian Security Advisory DSA-4946-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 11, 2021 https://www.debian.org/security/faq -...

Exploit for CVE-2021-1675

PrintNightmare CVE-2021-1675 This Zeek script detects succe...

SUSE: Security Advisory (SUSE-SU-2019:3318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-5V5H-4W2G-GXXC SQL Injection in t3/dce

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

[SECURITY] [DSA 4899-2] openjdk-11-jre-dcevm update

------------------------------------------------------------------------- Debian Security Advisory DSA-4899-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2021 https://www.debian.org/security/faq -...

CVE-2021-31777

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

Sql injection

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

CVE-2021-31777

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

CVE-2021-31777

The TYPO3 Dynamic Content Element (dce) extension vulnerabilities (versions 2.2.0–2.6.x before 2.6.2 and 2.7.x before 2.7.1) allow an SQL Injection via a backend user account. This is confirmed across multiple sources (CVE-2021-31777). A sample exploit exists in public write-ups (e.g., packetstor...

SUSE SLES12 Security Update : samba (SUSE-SU-2020:3082-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:3092-1)

This update for samba fixes the following issues : CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify bsc1173902...

Denial Of Service (DoS)

samba is vulnerable to denial of service DoS. The vulnerability exists as an authenticated user can crash the DCE/RPC DNS with easily crafted records...

openSUSE Security Update : samba (openSUSE-2020-1811)

This update for samba fixes the following issues : - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify...

openSUSE: Security Advisory for samba (openSUSE-SU-2020:1811-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...