17 matches found
K00183056: Samba vulnerability CVE-2017-12163
Security Advisory Description An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer,...
K79401162: Samba vulnerabilities CVE-2016-2111, CVE-2016-2113, and CVE-2016-2114
Security Advisory Description CVE-2016-2111 The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session...
UBUNTU-CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...
NewStart CGSL MAIN 4.05 : samba Multiple Vulnerabilities (NS-SA-2019-0113)
The remote NewStart CGSL host, running version MAIN 4.05, has samba packages installed that are affected by multiple vulnerabilities: - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not...
Information Disclosure
samba is vulnerable to information disclosure. This is due to the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by t...
Information disclosure
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of serv...
CVE-2017-12163
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of serv...
CVE-2017-12163
CVE-2017-12163 is an information leak in Samba SMB1 processing that can enable a malicious client to dump server memory to a file on a Samba share or a shared printer. Affected: Samba prior to 4.4.16 (4.5.x before 4.5.14, 4.6.x before 4.6.8). Impact: partial confidentiality of memory; exact memor...
EulerOS 2.0 SP1 : samba (EulerOS-SA-2017-1233)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a...
EulerOS 2.0 SP2 : samba (EulerOS-SA-2017-1234)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a...
Scientific Linux Security Update : samba on SL6.x i386/x86_64 (20170921)
Security Fixes : - A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. CVE-2017-2619 - It was found that samba did not enforce 'SMB signing' when certa...
Scientific Linux Security Update : samba4 on SL6.x i386/x86_64 (20170921)
Security Fixes : - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. CVE-2017-12150 - An information leak flaw was found in the way SMB1 protocol...
Scientific Linux Security Update : samba on SL7.x x86_64 (20170921)
Security Fixes : - It was found that samba did not enforce 'SMB signing' when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. CVE-2017-12150 - A flaw was found in the way samba client used encryption wi...
samba4 security update
CentOS Errata and Security Advisory CESA-2017:2791 An update for samba4 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
CVE-2017-12163
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of serv...
DEBIAN-CVE-2016-2114
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream...
CVE-2016-2114
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream...