EUVD-2019-6010

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-14907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above then the...

CVE-2023-52440

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...

RHEL 4 : samba (RHSA-2016:0625)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0625 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

Synology DiskStation Manager Samba Out-of-bounds Read (CVE-2019-14907)

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP...

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

Oracle Linux 7 : samba (ELSA-2020-3981)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3981 advisory. - resolves: 1791208 - Fix CVE-2019-14907 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 8 : samba (ELSA-2020-1878)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1878 advisory. - resolves: 1791209 - Fix CVE-2019-14907 - resolves: 1764469 - Fix CVE-2019-10218 - resolves: 1746241 - Fix CVE-2019-10197 Tenable has extracted the...

K95010211: Samba vulnerability CVE-2019-14907

Security Advisory Description All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provid...

NewStart CGSL CORE 5.05 / MAIN 5.05 : samba Multiple Vulnerabilities (NS-SA-2021-0167)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has samba packages installed that are affected by multiple vulnerabilities: - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above...

SUSE: Security Advisory (SUSE-SU-2016:1024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : samba (ALAS-2020-1544)

The version of samba installed on the remote host is prior to 4.10.16-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1544 advisory. All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2110)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2020-1341)

According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set...

EulerOS 2.0 SP5 : samba (EulerOS-SA-2020-1131)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with 'log level = 3' or...

CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP...

F5 Networks BIG-IP : Samba vulnerabilities (K53313971)

CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryptio...

Ubuntu 12.04 LTS : samba regressions (USN-2950-4) (Badlock)

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the 'client ipc signing' parameter to 'auto'. We apologiz...

USN-2950-4: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". We apologiz...

MGASA-2016-0151 Updated samba packages fix security vulnerabilities

Updated samba packages fix security vulnerability: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibl...