Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 12:31 p.m.8 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.4AI score0.00904EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/03 9:52 p.m.15 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.7AI score0.00904EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:16 p.m.12 views

CVE-2026-2340

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS0.00904EPSS
Exploits0References12
CVE
CVE
added 2026/05/27 12:9 p.m.47 views

CVE-2026-2340

Samba CVE-2026-2340 affects the vfs_worm module. The issue arises from insufficient validation during rename operations, allowing an authenticated user with write access to a share to overwrite a WORM-protected file by renaming a newly created file over the existing protected file. Impact details...

6.5CVSS5.7AI score0.00904EPSS
Exploits0References12Affected Software3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

Samba 安全漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a security vulnerability, which stems from insufficient validation during the renaming process involving the vfsworm module. This vulnerability could allow authenticated users to...

6.5CVSS5.8AI score0.00904EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.31 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Samba vulnerabilities (USN-8306-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8306-1 advisory. Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacke...

9.8CVSS6.2AI score0.12797EPSS
Exploits7References7
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43438

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of certificate auto-enrollment Group Policy. When this feature is enabled, Samba may retrieve a CA certificate via an unencrypted HTTP connection and install it in...

9.8CVSS5.8AI score0.02669EPSS
Exploits0References97
Samba
Samba
added 2026/05/26 12:0 a.m.12 views

WORM vfs module does not block overwrites

Description The vfsworm module is intended to make files immutable over SMB a short time after they are created. The time window in which they are writable is configurable, defaulting to one hour. The hook that handles renames was checking that the file being renamed was still mutable, but it was...

6.5CVSS5.8AI score0.00904EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/03/29 12:12 p.m.35 views

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life EoL small home/small office SOHO routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from...

7.5AI score
Exploits0
HackRead
HackRead
added 2021/03/24 5:41 p.m.95 views

Watch out as Purple Fox malware with worm module hits Windows

By Waqas According to researchers, Purple Fox malware attacks intensified significantly, and it has launched a total of 90,000 attacks since May 2020. This is a post from HackRead.com Read the original post: Watch out as Purple Fox malware with worm module hits Windows...

3.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/01 7:10 p.m.133 views

TrickBot comes with new tricks – attacking Outlook and browsing data

Last year we reported about a new modular malware using a network protocol similar to Dyreza - you can read about it here. The malware was not very stealthy and some parts were looking to be under development, but we noticed its potential and capability to be easily extended. Indeed, authors of...

7AI score
Exploits0
Rows per page
Query Builder