Missing handle permissions check in SMB1/2/3

Description The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can request file name notification on a directory handle when a condition such as "new file creation" or "file size change" or "file timestamp update" occurs. A missing permissions check on a directory handle...

openSUSE Security Update : samba (openSUSE-2017-437)

"This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes : - Force usage of ncurses6-config thru NCURSESCONFIG env var bsc1023847. - Add missing ldb module directory bsc1012092. -...

openSUSE Security Update : samba (openSUSE-2017-439)

"This update for samba fixes the following issues : Security issues fixed : - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes : - Don't package man pages for VFS modules that aren't built bsc993707. - syncreq: make asyncconnectsend 'reentrant';...

SUSE-SU-2017:0858-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes: - Force usage of ncurses6-config thru NCURSESCONFIG env var bsc1023847. - Add missing ldb module directory bsc1012092. - Don't...

Samba < 3.6.22 / 4.0.13 / 4.1.3 Multiple Vulnerabilities

Binary data 8075.prm...

DSA-2812-1 samba - several

Bulletin has no description...

Debian Security Advisory DSA 2812-1 (samba - several vulnerabilities)

Two security issues were found in Samba, a SMB/CIFS file, print, and login server: CVE-2013-4408 It was discovered that multiple buffer overflows in the processing of DCE-RPC packets may lead to the execution of arbitrary code. CVE-2013-4475 Hemanth Thummala discovered that ACLs were not checked...