18 matches found
auto-enrolment GPO installing CA certificate over http
Description: If the certificate auto-enrollment GPO is enabled on domain members both in Samba's smb.conf and using the Windows GPME tool, a CA certificate may be fetched using a plain HTTP connection and installed in the member computer's trust store. This may give an attacker a chance to intercept t...
Denial of service against AD DC WINS server
Description: The Windows Internet Naming Service is an unauthenticated service for registering and looking up names in a NetBIOS network running on TCP and UDP. The protocol handlers for the RELEASE and MULTIHOMEREG packets in the WINS server running when Samba is configured as an Active...
CLSA-2025-1759419790 samba: Fix of CVE-2020-25717
CVE-2020-25717: Adapt CVE's patch to CentOS 6 based systems where regular user id starts from 500, so change the default value of the new config parameters added: "min domain uid" to 500...
CLSA-2023-1691606420 samba: Fix of 2 CVEs
CVE-2022-2127: Fix out-of-bounds read triggered by malicious request - CVE-2023-34966: Fix infinite loop vulnerability in mdssvc RPC service...
Solaris 10 (sparc) : 119757-45
SunOS 5.10: Samba patch. Date this patch was last updated by Sun : Jul/13/20 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('compat.inc'); if (description) { script_id(138420); script_version("1.3");...
Solaris 10 (x86) : 119758-44
SunOS 5.10_x86: Samba patch. Date this patch was last updated by Sun : Oct/14/19 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('compat.inc'); if (description) { script_id(129873); script_version("1.4");...
Solaris 10 (sparc) : 119757-30
SunOS 5.10: Samba patch. Date this patch was last updated by Sun : Jan/14/14 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Solaris 10 (x86) : 119758-31
SunOS 5.10_x86: Samba patch. Date this patch was last updated by Sun : Feb/15/14 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Solaris 10 (sparc) : 146363-01
SunOS 5.10: Samba patch. Date this patch was last updated by Sun : Jan/04/11 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Solaris 10 (x86) : 119758-38
SunOS 5.10_x86: Samba patch. Date this patch was last updated by Sun : Apr/17/17 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Solaris 10 (x86) : 119758-43
SunOS 5.10_x86: Samba patch. Date this patch was last updated by Sun : Nov/09/17 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba_web)
The remote Solaris system is missing necessary patches to address security updates : - The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element...
Solaris 10 (sparc) : 146363-01
SunOS 5.10: Samba patch. Date this patch was last updated by Sun : Jan/04/11 #%NASL_MIN_LEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network Security, Inc. if (! defined_func("bn_random"))...
SUSE-SA:2004:045: samba
The remote host is missing the patch for the advisory SUSE-SA:2004:045 samba. The Samba developers informed us about several potential integer overflow issues in the Samba 2 and Samba 3 code. This update adds constraints to the Samba server code which protects it from using values from untrusted...
Possible Buffer Overrun in smbd
Summary: A possible buffer overrun in smbd could lead to code execution by a remote user. Patch Availability: A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is available from http://www.samba.org/samba/ftp/patches/security/. The patch has been signed with the "Samba Distribution Verificati...
Potential Remote Denial of Service
Summary: A remote attacker could cause an smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Patch Availability: A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0930.patch) is available from...
Potential Arbitrary File Access
Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. Patch Availability: The patch for Samba 3.0.2a and earlier releases 3.0.x (samba-3.0.2a-reducename.patch) can be...
SUSE-SA:2003:016: samba, samba-client
The remote host is missing the patch for the advisory SUSE-SA:2003:016 samba, samba-client. Sebastian Krahmer, SUSE Security Team, reviewed security-critical parts of the Samba server within the scope of security audits that the SUSE Security Team conducts on a regular basis for security-critical...