43 matches found
UBUNTU-CVE-2018-16841
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call tallocfree twice on the same memory if the principal in a validly signed certificate does not match the principal ...
Double-free in Samba AD DC KDC with PKINIT
Description When configured to accept smart-card authentication, Samba's KDC will call tallocfree twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is...
openSUSE Security Update : samba / talloc / tevent (openSUSE-2018-300)
"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...
SUSE SLED12 / SLES12 Security Update : samba, talloc, tevent (SUSE-SU-2018:0754-1)
"Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed : - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10 : - build, documentation and python3 improvements The library tevent was updat...
SUSE-SU-2018:0754-1 Security update for samba, talloc, tevent
Samba was updated to version 4.6.13 to fix several bugs. bsc1084191 Security issue fixed: - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally bsc1081741. The library talloc was updated to version 2.1.10: - build, documentation and python3 improvements The library tevent was updated ...
SUSE SLES11 Security Update : samba (SUSE-SU-2016:0905-1)
"This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
openSUSE Security Update : samba / ldb / talloc / etc (openSUSE-2015-945)
"This update for ldb, samba, talloc, tdb, tevent fixes the following issues : ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
openSUSE: Security Advisory for samba (openSUSE-SU-2015:2356-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for samba, ldb, talloc, tdb, tevent (important)
This update for ldb, samba, talloc, tdb, tevent fixes the following issues: ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
SUSE SLED12 / SLES12 Security Update : ldb, samba, talloc, tdb, tevent (SUSE-SU-2015:2304-1)
"This update for ldb, samba, talloc, tdb, tevent fixes the following security issues : - ldb was updated to version 1.1.24. + Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 + Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h f...
SUSE SLED12 / SLES12 Security Update : ldb, samba, talloc, tdb, tevent (SUSE-SU-2015:2305-1)
"This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs : The Samba LDB was updated to version 1.1.24 : - Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 - Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 - Move ldbunpackdata...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
Samba chain_reply Memory Corruption (Linux x86)
No description provided by source. $Id: chainreply.rb 10238 2010-09-04 02:10:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Fedora 11 : samba-3.4.5-0.47.fc11 (2010-1190)
Tue Jan 26 2010 Guenther Deschner - 3.4.5-0.47 - Security Release, fixes CVE-2009-3297 - resolves: 532940 - Tue Jan 19 2010 Guenther Deschner - 3.4.5-0.46 - Update to 3.4.5 - Thu Jan 7 2010 Guenther Deschner - 3.4.4-0.45 - Update to 3.4.4 - Thu Oct 29 2009 Guenther Deschner - 3.4.3-0.44 - Update...
Samba 3.0.24 (Solaris) - 'lsa_io_trans_names' Heap Overflow (Metasploit)
$Id: lsatransnamesheap.rb 9021 2010-04-05 23:34:10Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Samba lsa_io_trans_names Heap Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Samba...
Samba lsa_io_trans_names Heap Overflow
This module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method credit Ramon and Adriano, which only works with Samba versions 3.0.21-3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher...