Linux Distros Unpatched Vulnerability : CVE-2023-0922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection...

Fedora 37 : libldb / samba (2023-fca3bfed78)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-fca3bfed78 advisory. Update to ldb 2.6.2 and samba 4.17.7 Security fixes for CVE-2023-0225, CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description...

samba 安全漏洞

Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in samba that stems from the AD DC administration tool, samba-tool, which sends passwords in clear text...

openSUSE Security Update : ldb / samba (openSUSE-2020-1313)

"This update for ldb, samba fixes the following issues : Changes in samba : - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; bso14364 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

(SWAT): XSS flaw in Change Password page

Cross-site scripting XSS vulnerability in the chgpasswd function in web/swat.c in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program aka the user field...