CVE-2011-2411 vulnerabilities
Vulnerabilities for packages: samba...
CVE-2022-37966 vulnerabilities
Vulnerabilities for packages: samba...
CVE-2022-37967 vulnerabilities
Vulnerabilities for packages: samba...
Linux Distros Unpatched Vulnerability : CVE-2015-5330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows...
MGASA-2023-0247 Updated samba packages fix security vulnerability
Out-of-bounds read due to insufficient length checks in winbindd_pam_auth_crap.c (CVE-2022-2127). Improper SMB2 packet signing mechanism leading to man in the middle risk (CVE-2023-3347). Infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight (CVE-2023-34966). Type Confusion...
EulerOS 2.0 SP10 : samba (EulerOS-SA-2023-1829)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Netlogon RPC Elevation of Privilege Vulnerability (CVE-2022-38023) Note that Tenable Network Security has extracted the preceding description block...
MGASA-2023-0127 Updated ldb/samba packages fix security vulnerability
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users (CVE-2023-0225). Read access controlled AD LDAP attributes (CVE-2023-0614). Cleartext password sending by AD DC admin tool (CVE-2023-0922)...
[slackware-security] samba
New samba packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.15.11-i586-1slack15.0.txz: Upgraded. This update fixes the following security issue: There is a limited write heap buffer...
Updated samba packages fix security vulnerability
Multiple security issues affecting ldb, samba and sssd. See references for details...
MGASA-2021-0585 Updated samba packages fix security vulnerability
Multiple security issues affecting ldb, samba and sssd. See references for details...
Moderate: Red Hat Bug Fix Advisory: samba bug fix update
Updated samba packages that fix one bug and add an enhancement are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 8. Red Hat Gluster Storage is a software-only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data...
MGASA-2020-0205 Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server (CVE-2020-10700). A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing ...
MGASA-2019-0286 Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: A combination of parameters and permissions in smb.conf can allow user to escape from the share path definition (CVE-2019-10197). An authenticated user can crash the Samba AD DC's RPC server process via a NULL pointer dereference (CVE-2019-12435). A...
openSUSE Security Update : samba (openSUSE-2019-2142)
This update for samba fixes the following issues: Security issue fixed: - CVE-2019-10197: Fixed user escape from share path definition (bsc#1141267). Bug fix: - Prepare for future use of kernel keyrings, modify /etc/pam.d/samba to include pam_keyinit.so (bsc#1144059). This update was imported from t...
MGASA-2018-0424 Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: A malicious server could return a directory entry that could corrupt libsmbclient memory (CVE-2018-10858). Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions (CVE-2018-10919). Th...
MGASA-2018-0201 Updated samba packages fix security vulnerabilities
It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon (CVE-2018-1050). Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDA...
MGASA-2018-0023 Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack (CVE-2017-12150). Stefan Metzmacher discovered that Samba incorrectly...
Debian DLA-1110-1 : samba security update
CVE-2017-12150: Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12163: Yihan Lian and Zhibin Hu discovered that insufficient range checks in the processing of SMB1 write requests could result in disclosure of server memory. For Debian 7 'Wheezy', these...
Updated samba packages fix security vulnerability
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks (CVE-2017-11103). The samba package has been updated...
MGASA-2016-0431 Updated samba packages fix security vulnerability
Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which can be used to fully impersonate the...