The vulnerability of the ksmbd_nl_policy() function in the implementation of the SMB (Server Message Block) protocol within the in-core CIFS/SMB3-server ksmbd server of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ksmbdnlpolicy function in the fs/smb/server/transportipc.c module, which is part of the Server Message Block network protocol implementation in the ksmbd server kernel of the Linux operating system, relates to memory reading beyond the allocated buffer. Exploiting this...

Cross site request forgery (csrf)

In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack...

Denial of service

A denial of service vulnerability exists in the Microsoft Server Block Message SMB when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016,...