13 matches found
Astra Linux – Vulnerability in Samba
The Samba vfsfruit module uses extended file attributes EA, xattr to provide “…enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.” Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read...
VulnCheck KEV: CVE-2021-44142
The Samba vfsfruit module uses extended file attributes EA, xattr to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and...
samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
An out-of-bounds heap read write vulnerability was found in Samba. Due to a boundary error when processing EA metadata while opening files in smbd within the VFS Samba module vfsfruit, a remote attacker with ability to write to file's extended attributes can trigger an out-of-bounds write and...
ALPINE-CVE-2021-44142
The Samba vfsfruit module uses extended file attributes EA, xattr to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and wri...
CLSA-2022-1643914257 Fix of CVE: CVE-2021-44142
CVE-2021-44142: Fix out-of-bounds heap read/write vulnerability in VFS module vfsfruit rhbz2046152...
USN-5260-3 samba vulnerability
USN-5260-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issu...
USN-5260-2 samba vulnerability
Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. CVE-2021-44142...
USN-5260-1 samba vulnerabilities
Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. CVE-2021-44142 Michael Hanselmann discovered that Samb...
samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
An out-of-bounds heap read write vulnerability was found in Samba. Due to a boundary error when processing EA metadata while opening files in smbd within the VFS Samba module vfsfruit, a remote attacker with ability to write to file's extended attributes can trigger an out-of-bounds write and...
samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
An out-of-bounds heap read write vulnerability was found in Samba. Due to a boundary error when processing EA metadata while opening files in smbd within the VFS Samba module vfsfruit, a remote attacker with ability to write to file's extended attributes can trigger an out-of-bounds write and...
Samba 数据伪造问题漏洞
Samba is a standard Windows interoperability program suite for Linux and Unix. A data forgery vulnerability exists in Samba that stems from a failure of the product's vfsfruit module to properly handle memory operations. An attacker could cause a denial of service via this vulnerability...
UBUNTU-CVE-2021-44142
The Samba vfsfruit module uses extended file attributes EA, xattr to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and wri...
Vulnerabilities fixed in Samba
Vulnerabilities have been fixed in Samba. The vulnerabilities allow a malicious person to perform attacks leading to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Spoofing Access to system data The vulnerability with attribute...