EUVD-2021-23557

Malware in sbrugna...

CVE-2021-36981

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code...

Spotlight server-side Share Path Disclosure

Description As part of the Spotlight protocol, the initial request returns a path associated with the sharename targeted by the RPC request. Samba returns the real server-side share path at this point, as well as returning the absolute server-side path of results in search queries by clients. Kno...

Exploit for Deserialization of Untrusted Data in Sernet Verinice

CVE-2021-36981 Verinice.Pro 1.22.1 Unsafe Java deserialization...

Subsequent DCE/RPC fragment injection vulnerability

Description Samba implements DCE/RPC, and in most cases it is provided over and protected by the underlying SMB transport, with protections like 'SMB signing'. However there are other cases where large DCE/RPC request payloads are exchanged and fragmented into several pieces. If this happens over...

CVE-2021-36981

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code...

CVE-2021-36981

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code...

Deserialization of untrusted data

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code...

CVE-2021-36981

In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code...

SerNet verinice 代码问题漏洞

SerNet verinice is a Java application from SerNet Germany. A tool for managing information security. SerNet verinice suffers from a code issue vulnerability that stems from insecure Java deserialization in SerNet verinice servers prior to version 1.22.2 that allows an authenticated, remote attack...

CVE-2021-36981

CVE-2021-36981 : In SerNet verinice servers before 1.22.2, insecure Java deserialization allows remote authenticated attackers to achieve arbitrary code execution. Affected: SerNet verinice server prior to version 1.22.2. Root cause: insecure Java deserialization in the server component. Impact: ...

PT-2021-21418 · Sernet · Sernet Verinice

Name of the Vulnerable Software and Affected Versions: SerNet verinice versions prior to 1.22.2 Description: The issue allows remote authenticated attackers to execute arbitrary code due to insecure Java deserialization. Recommendations: For versions prior to 1.22.2, update to version 1.22.2 or...

Privilege Escalation

Samba is an open-source implementation of the Server Message Block SMB or Common Internet File System CIFS protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially...

Samba 4.x Password Change Vulnerability

On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts. ==================================================================== == Subject: Authenticated users can change other users' password == ==...

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RHEL 6 : samba4 (RHSA-2017:2791)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2791 advisory. Samba is an open-source implementation of the Server Message Block SMB or Common Internet File System CIFS protocol, which allows...

Moderate: Red Hat Security Advisory: samba4 security update

An update for samba4 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

SMB1/2/3 connections may not require signing where they should

Description There are several code paths where the code doesn't enforce SMB signing: The fixes for CVE-2015-5296 didn't apply the implied signing protection when enforcing encryption for commands like 'smb2mount -e', 'smbcacls -e' and 'smbcquotas -e'. The python binding exported as...

SMB3 connections don't keep encryption across DFS redirects

Description Client command line tools like 'smbclient' as well as applications using 'libsmbclient' library have support for requiring encryption. This is activated by the '-e|--encrypt' command line option or the smbcsetOptionSmbEncryptionLevel library call. By default, only SMB1 is used in orde...

Flaws in Kerberos PAC validation can trigger privilege elevation.

Description The winbindd part of Samba offers verification and unpacking of the PAC Privilege Attribute Certificate received via Kerberos. When parsing the PAC, winbindd may write beyond the allocated buffer, however the data involved is from the server private key and so not user-controlled...