78 matches found
Negative idmap cache entries can cause incorrect
Description The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could caus...
CVE-2021-30455
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clonefrom upon a .clone panic...
Multiple functions can cause double-frees
The following functions in the crate are affected: IdMap::clonefrom The clonefrom implementation for IdMap drops the values present in the map and then begins cloning values from the other map. If a .clone call pancics, then the afformentioned dropped elements can be freed again. getorinsert...
Medium: sssd
Issue Overview: A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.CVE-2018-16838 A vulnerability was found in sss...
Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Nested User Namespace idmap Limit Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in Linux kernels...
Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root CVE-2018-18955. The target system must have unprivileged user namespaces enabl...
SUSE-SU-2018:3161-1 Security update for samba
Samba was updated to 4.6.15, bringing bug and security fixes. bsc1110943 Following security issues were fixed: - CVE-2018-10919: Fix unauthorized attribute access via searches. bsc1095057; Non-security bugs fixed: - Fix ctdbmutexcephradoshelper deadlock bsc1102230. - Allow idmaprid to have primar...
Debian: Security Advisory (DLA-1429-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : samba (SUSE-SU-2016:0032-1)
This update for Samba fixes the following security issues : - CVE-2015-5330: Remote read memory exploit in LDB bnc958586. - CVE-2015-5252: Insufficient symlink verification file access outside the share bnc958582. - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the...
Oracle Sun Solaris Kernel IDMap Subcomponent Denial of Service Vulnerability
Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability exists in the Kernel IDMap subcomponent in Oracle Sun Solaris version 11.2. A remote attacker could exploit this vulnerability to cause a denial of service...
CVE-2015-2578
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap...
Design/Logic Flaw
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap...
CVE-2015-2578
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap...
Oracle Solaris Critical Patch Update : apr2015_SRU11_2_8_5_0
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: ZFS File system. The supported version that is affected is 11.2. Easily exploitable vulnerability requiring logon to...
SuSE 11.2 Security Update : Samba (SAT Patch Number 8170)
The Samba server suite received a security update to fix a denial of service problem in integer wrap protection. CVE-2013-4124. Additionally, the following stability fixes are included in this update : - Do not restart the smbfs service on pre-11.3 systems during dhcp lease renewal when the IP...
CVE-2009-2012
Unspecified vulnerability in idmap in Sun OpenSolaris snv88 through snv110, when a CIFS server is enabled, allows local users to cause a denial of service idpmapd daemon crash and idmapd outage via unknown vectors...
CVE-2009-2012
Unspecified vulnerability in idmap in Sun OpenSolaris snv88 through snv110, when a CIFS server is enabled, allows local users to cause a denial of service idpmapd daemon crash and idmapd outage via unknown vectors...
CVE-2009-2012
CVE-2009-2012 affects Sun OpenSolaris with CIFS server enabled, in idmap within SNV builds snv_88 through snv_110. A local-privilege context allows denial of service, causing idpmapd daemon crash and idmapd outage via unknown vectors. The public records do not provide concrete exploitation detail...