MiracleLinux 7 : samba-4.8.3-4.el7 (AXSA:2019-3544:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3544:01 advisory. samba: Weak authentication protocol regression CVE-2018-1139 samba: Insufficient input validation in libsmbclient CVE-2018-10858 samba: NULL pointer...

MiracleLinux 4 : krb5-1.10.3-10.AXS4.1 (AXSA:2013-280:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-280:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-416)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-416 advisory. Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the...

EulerOS 2.0 SP10 : samba (EulerOS-SA-2023-1829)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023 Note that Tenable Network Security has extracted the preceding description block...

AlmaLinux 9 : samba (ALSA-2023:2127)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2127 advisory. - Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023 Note that Nessus has not tested for this issue but has instead relied only on the application's...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2022:0328 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Samba Security Vulnerability (CVE-2019-10218)

Malicious servers can cause Samba client code to return filenames containing path separators to calling code. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2021:2313 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE: Security Advisory (SUSE-SU-2012:0348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2020:1084 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1125)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2016-1031)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary Code Execution

Samba is vulnerable to arbitrary code execution attacks. The vulnerability exists because this contains an error in libsmbclient memory. Attacker could execute arbitrary code in the context of the currently logged-in user and overwrite client heap memory by returning an extra long filename in a...

Debian DSA-4443-1 : samba - security update

Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation. Details can be found in the upstream advisory at C Tenable Network Security, Inc. The...

EulerOS 2.0 SP5 : samba (EulerOS-SA-2019-1150)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - samba: Insufficient input validation in libsmbclient CVE-2018-10858 - samba: NULL pointer dereference in printer server process CVE-2018-1050 Not...

samba: Insufficient input validation in libsmbclient

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client...