EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2024-1704)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when...

QNAP QTS / QuTS hero Vulnerabilities in Samba (QSA-23-20)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-20 advisory. - A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory...

Updated samba packages fix security vulnerabilities

This update fixes the security issues below. A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call RPC services like...

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

[slackware-security] samba

New samba packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.18.8-i586-1slack15.0.txz: Upgraded. This is a security release in order to address the following defects: Unsanitized pipe name...

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...