32 matches found
EUVD-2018-2973
Malware in sbrugna...
EUVD-2020-3176
Malware in sbrugna...
EUVD-2015-5301
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-14628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could...
Linux Distros Unpatched Vulnerability : CVE-2016-2112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the client ldap sasl wrapping...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-206)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-206 advisory. An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved...
The vulnerability of the LDAP server of the Samba networking software allows a hacker to remove the DNS-Host-Name attribute from any object in the directory.
The vulnerability of the LDAP server AD DC in the Samba networking software package is related to the incorrect assignment of permissions for a critical resource. Exploiting this vulnerability could allow an attacker to remove the DNS-Host-Name attribute from any object in the directory...
SUSE CVE-2015-7540
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service memory consumption and daemon crash via crafted packets...
SUSE CVE-2016-2112
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream...
AZL-45138 CVE-2022-32746 affecting package libldb for versions less than 2.7.2-1
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...
CVE-2022-32746
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...
Important: Red Hat Security Advisory: libldb security update
An update for libldb is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
The vulnerability of the LDAP server of the Samba networking software package, related to pointer arithmetic errors, allows a hacker to trigger a service failure.
The vulnerability of the Samba networking software’s LDAP server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...
DEBIAN-CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba...
CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba...
CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba...
CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba...
UBUNTU-CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server CVE-2020-10700. A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing ...
USN-4341-2: Samba vulnerability
USN-4341-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources,...