160 matches found
Ubuntu: Security Advisory (USN-2856-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : ldb vulnerabilities (USN-2856-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2856-1 advisory. Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb...
USN-2856-1 ldb vulnerabilities
Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. CVE-2015-3223 Douglas Bagnall discovered that ldb incorrectly handled...
USN-2856-1: ldb vulnerabilities
Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. CVE-2015-3223 Douglas Bagnall discovered that ldb incorrectly handled...
CVE-2015-5330
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading 1 an error message ...
DEBIAN-CVE-2015-3223
The ldbwildcardcompare function in ldbmatch.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service infinite loop via crafted packets...
CVE-2015-3223
The ldbwildcardcompare function in ldbmatch.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service infinite loop via crafted packets...
CVE-2015-5330
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading 1 an error message ...
CVE-2015-5330
CVE-2015-5330 affects the ldb component used by the Samba AD LDAP server. The issue arises in ldb before 1.1.24, within Samba 4.x deployments (before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3), where string lengths are mishandled. This enables a remote attacker to read sensitive data fro...
openSUSE Security Update : samba / ldb / talloc / etc (openSUSE-2015-945)
"This update for ldb, samba, talloc, tdb, tevent fixes the following issues : ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
openSUSE Security Update : ldb / samba / talloc / etc (openSUSE-2015-943)
"This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs : The Samba LDB was updated to version 1.1.24 : - Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 - Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 - Move ldbunpackdata...
openSUSE: Security Advisory for samba (openSUSE-SU-2015:2356-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for samba, ldb, talloc, tdb, tevent (important)
This update for ldb, samba, talloc, tdb, tevent fixes the following issues: ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
SUSE SLED12 / SLES12 Security Update : ldb, samba, talloc, tdb, tevent (SUSE-SU-2015:2304-1)
"This update for ldb, samba, talloc, tdb, tevent fixes the following security issues : - ldb was updated to version 1.1.24. + Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 + Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h f...
SUSE SLED12 / SLES12 Security Update : ldb, samba, talloc, tdb, tevent (SUSE-SU-2015:2305-1)
"This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs : The Samba LDB was updated to version 1.1.24 : - Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 - Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 - Move ldbunpackdata...
SUSE-SU-2015:2305-1 Security update for ldb, samba, talloc, tdb, tevent
This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs: The Samba LDB was updated to version 1.1.24: - Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 - Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 - Move ldbunpackdata int...
SUSE-SU-2015:2304-1 Security update for ldb, samba, talloc, tdb, tevent
This update for ldb, samba, talloc, tdb, tevent fixes the following security issues: - ldb was updated to version 1.1.24. + Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 + Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for...
UBUNTU-CVE-2015-3223
The ldbwildcardcompare function in ldbmatch.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service infinite loop via crafted packets...
openSUSE Security Update : samba (openSUSE-SU-2014:1040-1)
"This samba update fixes the following security and non security issues : - Fix winbind service parameter usage; bnc890005. - lib/param: change the default for 'winbind expand groups' to '0'; bnc890008. - Update to 4.1.11. + A malicious browser can send packets that may overwrite the heap of the...
DEBIAN-CVE-2008-3789
Samba 3.2.0 uses weak permissions 0666 for the 1 groupmapping.tdb and 2 groupmapping.ldb files, which allows local users to modify the membership of Unix groups...