Ubuntu: Security Advisory (USN-3158-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3740-1 : samba - security update

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2016-2119 Stefan Metzmacher discovered that client-side SMB2/3 required signing can be downgraded,...

USN-3158-1 samba vulnerabilities

Frederic Besler and others discovered that the ndrpulldnspnam function in Samba contained an integer overflow. An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. CVE-2016-2123 Simo Sorce...

[SECURITY] [DSA 3740-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3740-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2016 https://www.debian.org/security/faq -...

Flaws in Kerberos PAC validation can trigger privilege elevation.

Description The winbindd part of Samba offers verification and unpacking of the PAC Privilege Attribute Certificate received via Kerberos. When parsing the PAC, winbindd may write beyond the allocated buffer, however the data involved is from the server private key and so not user-controlled...

CVE-2014-6324 - Microsoft Kerberos Checksum Validation Vulnerability

The Kerberos Key Distribution Center KDC in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a...