13 matches found
CLSA-2026-1778879662 samba: Fix of CVE-2023-42669
CVE-2023-42669: disable rpcecho server by default; rpcecho allowed a blocking sleep in the single-threaded rpc worker, enabling a DoS...
TencentOS Server 3: samba (TSSA-2023:0314)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0314 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2023-47101
Malicious code in bioql PyPI...
CLSA-2025-1738695944 samba: Fix of 2 CVEs
Fix CVE-2023-42669: disable the rpcecho server - Fix CVE-2022-2127: fix out-of-bounds read triggered by a malicious request...
CLSA-2024-1723483357 samba: Fix of 4 CVEs
CVE-2023-4091: fix file truncation issue in acl_xattr module by enforcing kernel file system permissions checks, use open_access_mask for access check in open_file in smbd - CVE-2023-34967: fix type confusion vulnerability in mdssvc RPC service by implementing proper type checking in...
EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-3258)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS...
samba security update
4.18.6-2.0.1 - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server...
samba security update
4.18.6-101 - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server...
CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
AZL-31940 CVE-2023-42669 affecting package samba 4.12.5-7
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
ALPINE-CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
Ubuntu 23.10 : Samba vulnerabilities (USN-6425-3)
The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6425-3 advisory. USN-6425-1 fixed vulnerabilities in Samba. This update provides the corresponding updates for Ubuntu 23.10. Tenable has extracted the preceding description...
Samba Security Vulnerabilities
Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba, which stems from a security flaw in the rpcecho development server. It allows an attacker to cause a denial of service (DoS) by calling sleep on the AD DC...