5 matches found
Netatalk contains multiple error and memory management vulnerabilities
Overview There are six new vulnerabilities in the latest release of Netatalk 3.1.12 that could allow for Remote Code Execution as well as Out-of-bounds Read. Description Below are the new CVEs. Per ZDI: CVE-2022-0194 This vulnerability allows remote attackers to execute arbitrary code on affected...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-8611 CVE-2021-44142 affecting package samba 4.12.5-7
The Samba vfsfruit module uses extended file attributes EA, xattr to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and wri...
Amazon Linux 2 : samba (ALAS-2022-1746)
The version of samba installed on the remote host is prior to 4.10.16-18. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1746 advisory. Out-of-bounds heap read/write vulnerability in VFS module vfsfruit allows code execution CVE-2021-44142 Tenable has...
Ubuntu 20.04 LTS : Samba vulnerabilities (USN-5260-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5260-1 advisory. Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samb...