3 matches found
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Samba Security Announcements...
MGASA-2019-0011 Updated ldb, talloc, and samba packages fix security vulnerabilities
Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service CVE-2018-14629. Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card...
MGASA-2017-0145 Updated samba packages fix security vulnerability
A flaw was found in the way Samba handled PAC Privilege Attribute Certificate checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process CVE-2016-2126. Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this...