Lucene search
K

18 matches found

Check Point Advisories
Check Point Advisories
added 2017/01/25 12:0 a.m.6 views

Samba NDR Parsing ndr_pull_dnsp_name Integer Overflow (CVE-2016-2123)

An integer overflow vulnerability exists in Samba. The vulnerability is due to incorrectly parsing crafted NDR data that results in an integer overflow. A remote, authenticated attacker could exploit this vulnerability by sending malicious packets to a vulnerable Samba service and could result in...

6.5CVSS6.5AI score0.06226EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2017/01/20 12:0 a.m.47 views

Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NDR data. The issue results from the lack of proper validation of the length of...

6.8CVSS8.8AI score0.06226EPSS
Exploits0References1
Samba
Samba
added 2016/12/19 12:0 a.m.535 views

Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer

Description The Samba routine ndrpulldnspname contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndrpulldnspname parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory...

8.8CVSS0.8AI score0.06226EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.43 views

Scientific Linux Security Update : samba on SL5.x, SL4.x, SL3.x i386/x86_64

Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. CVE-2007-2446 Unescaped user input parameters were bein...

10CVSS8.5AI score0.77806EPSS
Exploits38References3
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.32 views

Ubuntu Update for samba vulnerabilities USN-460-1

Ubuntu Update for Linux kernel vulnerabilities USN-460-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4601.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for samba vulnerabilities USN-460-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

10CVSS0.1AI score0.77806EPSS
Exploits38References2
Tenable Nessus
Tenable Nessus
added 2007/05/16 12:0 a.m.36 views

CentOS 3 / 4 / 5 : samba (CESA-2007:0354)

Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients. Various bugs were found in NDR parsing, used to deco...

10CVSS8.5AI score0.77806EPSS
Exploits38References8
Tenable Nessus
Tenable Nessus
added 2007/05/16 12:0 a.m.71 views

Debian DSA-1291-1 : samba - several vulnerabilities

Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux. - CVE-2007-2444 When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a...

10CVSS8.2AI score0.77806EPSS
Exploits38References7
Tenable Nessus
Tenable Nessus
added 2007/05/16 12:0 a.m.38 views

Mandrake Linux Security Advisory : samba (MDKSA-2007:104-1)

A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server CVE-2007-2446. A remote...

10CVSS8.8AI score0.77806EPSS
Exploits38References3
securityvulns
securityvulns
added 2007/05/15 12:0 a.m.86 views

[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Multiple Heap Overflows Allow Remote == Code Execution == CVE ID: CVE-2007-2446 == == Versions: Samba 3.0.0 - 3.0.25rc3 inclusive == == Summary: Various bugs in Samba's NDR...

10CVSS0.8AI score0.77806EPSS
Exploits23
Cent OS
Cent OS
added 2007/05/14 11:38 p.m.77 views

samba security update

CentOS Errata and Security Advisory CESA-2007:0354-01 Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients...

10CVSS7.3AI score0.77806EPSS
Exploits38References8
Prion
Prion
added 2007/05/14 9:19 p.m.23 views

Heap overflow

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

10CVSS7.7AI score0.77806EPSS
Exploits23References75Affected Software1
NVD
NVD
added 2007/05/14 9:19 p.m.22 views

CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

10CVSS7.6AI score0.77806EPSS
Exploits23References75
OSV
OSV
added 2007/05/14 9:19 p.m.3 views

DEBIAN-CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

10CVSS9.6AI score0.77806EPSS
Exploits23References1
Cvelist
Cvelist
added 2007/05/14 9:0 p.m.26 views

CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

7.5AI score0.77806EPSS
Exploits23References75
Debian CVE
Debian CVE
added 2007/05/14 9:0 p.m.37 views

CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

10CVSS8.1AI score0.77806EPSS
Exploits23
CVE
CVE
added 2007/05/14 9:0 p.m.157 views

CVE-2007-2446

CVE-2007-2446 is a remote code execution vulnerability in Samba, caused by heap-based buffer overflows in the NDR parsing of the SMB/CIFS NetDFS/LSA RPC interfaces. Affected are Samba 3.0.0 through 3.0.25rc3. The flaw is triggered by crafted MS-RPC requests and affects multiple RPC operations, in...

10CVSS7.6AI score0.77806EPSS
Exploits23References75Affected Software1
Samba
Samba
added 2007/05/14 12:0 a.m.51 views

Multiple Heap Overflows Allow Remote

Description Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data. Patch Availability A patch against Samba 3.0.24 has been posted at http://www.samba.org/samba/security/ Workaround There is no...

10CVSS8.2AI score0.77806EPSS
Exploits23
FreeBSD
FreeBSD
added 2007/05/14 12:0 a.m.45 views

samba -- multiple vulnerabilities

The Samba Team reports: A bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB/CIFS protocol operations as root. When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal...

10CVSS6.4AI score0.77806EPSS
Exploits38References3
Rows per page
Query Builder