Lucene search
K

558 matches found

OSV
OSV
added 2023/07/18 12:15 a.m.1 views

DEBIAN-CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...

9.1CVSS6.6AI score0.01059EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 12:15 a.m.8 views

AZL-27539 CVE-2023-38431 affecting package kernel for versions less than 5.15.122.1-2

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...

9.1CVSS6.8AI score0.01059EPSS
Exploits0References1
OSV
OSV
added 2023/07/18 12:15 a.m.7 views

UBUNTU-CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...

9.1CVSS6.8AI score0.01059EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.4 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.8, which stems from the fact that fs/smb/server/connection.c does not validate the...

9.1CVSS8.5AI score0.01059EPSS
Exploits0References6
NVD
NVD
added 2023/05/11 1:15 p.m.26 views

CVE-2023-0854

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...

9.8CVSS9.9AI score0.01163EPSS
Exploits0References4
OSV
OSV
added 2023/05/11 1:15 p.m.6 views

CVE-2023-0854

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...

9.8CVSS7.6AI score0.01163EPSS
Exploits0References4
Prion
Prion
added 2023/05/11 1:15 p.m.19 views

Buffer overflow

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...

7.5CVSS9.7AI score0.01163EPSS
Exploits0References4Affected Software45
Cvelist
Cvelist
added 2023/05/11 12:0 a.m.32 views

CVE-2023-0854

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...

9.8CVSS10AI score0.01163EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.8 views

CVE-2023-0854

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...

9.8CVSS9.9AI score0.01163EPSS
Exploits0References4
CVE
CVE
added 2023/05/11 12:0 a.m.60 views

CVE-2023-0854

CVE-2023-0854 affects Canon imageCLASS/Canon printers (notably LBP660C/LBP620C/MF740C/MF640C and related i-SENSYS models) with a buffer overflow in NetBIOS QNAME registration/communication. The root cause is improper handling in the NetBIOS parsing path, specifically cmNetBiosParseName, allowing ...

9.8CVSS9.8AI score0.01163EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/05/04 12:0 a.m.33 views

(Pwn2Own) Canon imageCLASS MF743Cdw cmNetBiosParseName Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of NetBIOS names. The issue results from the la...

8.8CVSS7.3AI score0.01163EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.24 views

Debian: Security Advisory (DLA-1226-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.16786EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:22 a.m.5 views

SUSE CVE-1999-0519

A NETBIOS/SMB share password is the default, null, or missing...

7.5CVSS7.2AI score0.05673EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3560

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

7.9CVSS8AI score0.56378EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-10745

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this...

7.5CVSS6.6AI score0.03874EPSS
Exploits0References17
Rockylinux
Rockylinux
added 2022/11/08 10:51 a.m.19 views

ansible-freeipa bug fix and enhancement update

An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ansible-freeipa package provides Ansible roles and playbooks to...

1.1AI score
Exploits0
Rockylinux
Rockylinux
added 2022/11/02 1:54 p.m.19 views

ansible-freeipa bug fix and enhancement update

An update is available for ansible-freeipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ansible-freeipa package provides Ansible roles and playbooks to...

1.1AI score
Exploits0
Rockylinux
Rockylinux
added 2022/10/25 7:33 a.m.19 views

ansible-freeipa bug fix and enhancement update

An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ansible-freeipa package provides Ansible roles and playbooks to...

1.1AI score
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2022/09/08 12:0 a.m.87 views

MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability

In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system...

10CVSS7.2AI score0.61018EPSS
In wildExploits7
Kitploit
Kitploit
added 2022/07/27 12:30 p.m.48 views

Pretender - Your MitM Sidekick For Relaying Attacks Featuring DHCPv6 DNS Takeover As Well As mDNS, LLMNR And NetBIOS-NS Spoofing

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing pretender is a tool developed by RedTeam Pentesting to obtain machine-in-the-middle positions via spoofed local name resolution and DHCPv6 DNS takeover attacks. pretender primarily...

6.8AI score
Exploits0References3
Rows per page
Query Builder