samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

Astra Linux - уязвимость в samba

Samba AD DC includes checks when adding service principal names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks can be bypassed if an account modification re-adds an SPN that was previously present on that account, such as an SPN added...

Samba-smbd-3.x-4.x-Exploitation-using-Metasploit

Samba smbd 3.x–4.x Exploitation using Metasploit Project...

Samba 安全漏洞

Samba is a Samba open source suite of standard Windows interoperability programs for Linux and Unix. A security vulnerability exists in Samba that stems from the smbd service not updating group membership, which could lead to exposed file shares...

Do Not Enable the Samba Service

The daemon of Samba allows the system administrator to configure the Linux system to share file systems and directories with Windows systems. Samba publishes file systems and directories through the Server Message Block SMB protocol. Windows users will be able to mount these directories and file...

Do Not Install the Samba Service

The daemon of Samba allows the system administrator to configure the Linux system to share file systems and directories with Windows systems. Samba publishes file systems and directories through the Server Message Block SMB protocol. Windows users will be able to mount these directories and file...

Linux Distros Unpatched Vulnerability : CVE-2012-0870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other...

samba: type confusion in mdssvc RPC service for spotlight

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...

Security Bulletin: Publicly disclosed vulnerability from Samba affects IBM Netezza Host Management

Summary Samba is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2020-1472 DESCRIPTION: Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by an error when establishing a...

shadowbroker-1

This repository, fengzihk/shadowbroker-1, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists various exploits, such as EARLYSHOVEL, EBBISLAND, ECHOWRECKER, EASYBEE, and...

CentOS Update for samba3x CESA-2014:0330 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BlackBerry PlayBook Tablet Samba文件共享远程代码执行漏洞

BUGTRAQ ID: 52103 Playbook是一款由黑莓手机厂商RIM研制的平板电脑。它突出游戏、媒体发布和协作功能。 BlackBerry PlayBook在畸形Samba服务的实现上存在远程代码执行漏洞，攻击者可通过Wi-Fi网络或物理接触USB连接计算机利用此漏洞以管理者权限执行任意代码，造成完全控制受影响计算机。 0 BlackBerry PlayBook Tablet Software 1.0.8.6067 BlackBerry PlayBook Tablet Software 1.0.5.2304 BlackBerry PlayBook Tablet Software...

CentOS Update for samba3x CESA-2011:1220 centos5 i386

Check for the Version of samba3x OpenVAS Vulnerability Test CentOS Update for samba3x CESA-2011:1220 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Computer Associates License Client GETCONFIG Overflow

This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes with Samba. If you are running this...

Use a low-privileged Oracle database accounts give the OS access permissions-bug warning-the black bar safety net

Author:Mickey These days look at the article called"Penetration: from application down to OS Oracle"of the document,feel quite interesting,the document probably means that is,if the ORACLE service is using the administrator account to start,as long as you have a have resource and connect privileg...