CVE-2018-16852

Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTYZONEMASTERSERVERS property or...

Samba is_known_pipename() Code Execution

!/usr/bin/perl -w Remote Samba isknownpipename 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. Exploit By NA , NAattutanota.com The orginal bug was discovered by steelo CVE-2017-7494 https://www.samba.org/samba/security/CVE-2017-7494.html Tested on Samba 4.5.8-Debian Requirments for this exploit to run: perl...

EulerOS 2.0 SP1 : samba (EulerOS-SA-2016-1014)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...

Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...

Microsoft Windows 2003 SP2 - ERRATICGOPHER SMB Remote Code Execution

Microsoft Windows 2003 SP2 - ERRATICGOPHER SMB Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory...

DCE/RPC and MSRPC Services Enumeration Reporting

Distributed Computing Environment / Remote Procedure Calls DCE/RPC or MSRPC based service enumeration reporting. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Samba 4.2.x < 4.2.11 / 4.3.x < 4.3.8 / 4.4.x < 4.4.2 Multiple MitM

Binary data 9822.prm...

Amazon Linux: Security Advisory (ALAS-2016-732)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Samba < 4.4.2, 4.3.8, 4.2.11, 3.6.26 Multiple Vulnerabilities

Binary data 802024.prm...

Amazon Linux AMI : samba (ALAS-2016-732)

A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

Medium: samba

Issue Overview: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server. Affected Packages: samba Issue Correction: Run yum update samba or yum upda...

CentOS Update for samba4 CESA-2016:1487 centos6

Check the version of samba4 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882525";...

RHEL 6 / 7 : samba (RHSA-2016:1494)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1494 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which...

RHEL 7 : samba (RHSA-2016:1486)

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CentOS 6 : samba4 (CESA-2016:1487)

An update for samba4 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Gluster Storage 3.1 for RHEL 6 and Red Hat Gluster Storage 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...