7 matches found
openSUSE Security Update : samba (openSUSE-2020-1526)
"This update for samba fixes the following issues : - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC CVE-2020-147...
openSUSE Security Update : ldb / samba (openSUSE-2020-1313)
"This update for ldb, samba fixes the following issues : Changes in samba : - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; bso14364 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE Security Update : ldb / samba (openSUSE-2020-1023)
"This update for ldb, samba fixes the following issues : Changes in samba : - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; bso14364 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE Security Update : samba (openSUSE-2018-649)
"Samba was updated to 4.6.14, fixing bugs and security issues : Version update to 4.6.14 bsc1093664 : + vfsceph: add fake async pwrite/pread send/recv hooks; bso13425. + Fix memory leak in vfsceph; bso13424. + winbind: avoid using fstrcpydcname,... in dualinitconnection; bso13294. + s3:smb2server...
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2018:1687-1)
"Samba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 bsc1093664 : + vfsceph: add fake async pwrite/pread send/recv hooks; bso13425. + Fix memory leak in vfsceph; bso13424. + winbind: avoid using fstrcpydcname,... in dualinitconnection; bso13294. + s3:smb2server:...
Security update for samba (important)
This update for the samba server fixes the following issues: Security issue fixed: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648; bsc968222. Other bugs fixed: - Enable clustering CTDB support; bsc966271. - s3: smbd: Fix timestamp...
UBUNTU-CVE-2015-5296
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c,...