EUVD-2003-0458

Malware in sbrugna...

SUSE CVE-2012-1182

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

Security update for p11-kit (important)

openSUSE Security Update: Security update for p11-kit Announcement ID: openSUSE-SU-2021:1611-1 Rating: important References: 1180064 1187993 Cross-References: CVE-2020-29361 CVSS scores: CVE-2020-29361 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-29361 SUSE: 7.5...

SUSE: Security Advisory (SUSE-SU-2021:4154-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for p11-kit (important)

openSUSE Security Update: Security update for p11-kit Announcement ID: openSUSE-SU-2021:4154-1 Rating: important References: 1180064 1187993 Cross-References: CVE-2020-29361 CVSS scores: CVE-2020-29361 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-29361 SUSE: 7.5...

CVE-2021-28354 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Security fix for the ALT Linux 8 package samba version 4.4.2-alt1

April 12, 2016 Andrey Cherepanov 4.4.2-alt1 - New version - Security fixes: - CVE-2015-5370 Multiple errors in DCE-RPC code - CVE-2016-2110 Man in the middle attacks possible with NTLMSSP - CVE-2016-2111 NETLOGON Spoofing Vulnerability - CVE-2016-2112 LDAP client and server don't enforce integrit...

Security fix for the ALT Linux 10 package samba version 4.4.2-alt1

April 12, 2016 Andrey Cherepanov 4.4.2-alt1 - New version - Security fixes: - CVE-2015-5370 Multiple errors in DCE-RPC code - CVE-2016-2110 Man in the middle attacks possible with NTLMSSP - CVE-2016-2111 NETLOGON Spoofing Vulnerability - CVE-2016-2112 LDAP client and server don't enforce integrit...

Important: Red Hat Security Advisory: openstack-ceilometer security and bug fix update

Updated OpenStack Telemetry packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which give...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)

A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory...

Oracle Linux 5 : kernel (ELSA-2014-0740)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0740 advisory. - infiniband rds: dereference of a NULL device Jacob Tanenbaum 1079216 1079217 CVE-2013-7339 - block floppy: don't write kernel-only members to FDRAWCM...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

Mandriva Update for samba MDVSA-2012:055 (samba)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

FreeBSD Ports: samba34

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Remote Pre-Authentication Flaw Fixed in Samba

There is a serious remotely exploitable vulnerability in the Samba open-source software that could enable an attacker to gain root privileges without any authentication. The bug is in all versions of Samba from 3.0.x to 3.6.3, but has been fixed in Samba 3.6.4, which is the current stable release...

Input validation

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

CVE-2012-1182

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

FreeBSD -- arc4random(9) predictable sequence vulnerability

Problem Description: When the arc4random9 random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random9; and it may take up to 5 minutes before arc4random9 is reseeded with secure entropy from the Yarrow random number...