oval:org.secpod.oval:def:32978 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory USN-2855-1 introduced a regression in Samba.
oval:org.secpod.oval:def:52696 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory USN-2855-1 introduced a regression in Samba.
oval:org.secpod.oval:def:51554 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Linux Mint 17.x LTS, and Linu ...
oval:org.secpod.oval:def:51572 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Original advisory USN-2950-1 introduced a regression in Sa ...
oval:org.secpod.oval:def:52166 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory USN-2855-1 introduced a regression in Samba.
oval:org.secpod.oval:def:52392 samba: SMB/CIFS file, print, and login server for Unix A security issue was fixed in Samba.
oval:org.secpod.oval:def:52168 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:1600822 Use-after-free in processing SMB1 requests: A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. Server heap-memory disclosure: A memory discl ...
oval:org.secpod.oval:def:54404 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations.
oval:org.secpod.oval:def:54393 Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares.
oval:org.secpod.oval:def:400790 This update for the samba server fixes the following issues: Security issue fixed: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target. Other bugs fixed: - Enable clustering support. - s3: smbd: Fix timestamp rounding inside SMB2 create. - v ...
oval:org.secpod.oval:def:400643 This update for samba fixes the following issues: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target. Also the following bugs were fixed: - Add quotes around path of update-apparmor-samba-profile. - Prevent access denied if the share path is " ...
oval:org.secpod.oval:def:1800096 libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the SMB2_SESSION_FLAG_IS_GUEST or SMB2_SESSION_FLAG_IS_NULL flag. ...
oval:org.secpod.oval:def:702966 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory USN-2855-1 introduced a regression in Samba.
oval:org.secpod.oval:def:703110 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relax ...
oval:org.secpod.oval:def:702146 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic.
oval:org.secpod.oval:def:702386 samba: SMB/CIFS file, print, and login server for Unix A security issue was fixed in Samba.
oval:org.secpod.oval:def:702905 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:203801 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ...
oval:org.secpod.oval:def:203385 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon. An attacker on the ...
oval:org.secpod.oval:def:203384 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon. An attacker on the ...
oval:org.secpod.oval:def:501783 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this fl ...
oval:org.secpod.oval:def:203805 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A man-in-the-middle vulnerability was found in the way connection signing was implemented by Samba. A rem ...
oval:org.secpod.oval:def:1600334 A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.
oval:org.secpod.oval:def:1800418 CVE-2015-7560 Incorrect ACL get/set allowed on symlink path. All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to a malicious client overwriting the ownership of ACLs using symlinks. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or di ...
oval:org.secpod.oval:def:52726 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:203808 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ...
oval:org.secpod.oval:def:204654 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * It was found that Samba always requested forwardable tickets when using Kerberos authenti ...
oval:org.secpod.oval:def:204672 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * It was found that Samba always requested forwardable tickets when ...
oval:org.secpod.oval:def:204843 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * samba: Null pointer indirection in printer server process For mor ...
oval:org.secpod.oval:def:204846 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * samba: Null pointer indirection in printer server process For more details about the sec ...
oval:org.secpod.oval:def:1801391 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ...
oval:org.secpod.oval:def:51018 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:1801386 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ...
oval:org.secpod.oval:def:1801387 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ...
oval:org.secpod.oval:def:1801388 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ...
oval:org.secpod.oval:def:114988 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:116249 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:602323 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-3223 Thilo Uttendorfer of Linux Information Systems AG discovered that a malicious request can cause th ...
oval:org.secpod.oval:def:1500668 Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...
oval:org.secpod.oval:def:1501305 A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by Samba. A remote attacker could use this flaw to downgrade an existing Samba client connection and force the use of plain text.
oval:org.secpod.oval:def:501745 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ...
oval:org.secpod.oval:def:501747 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by ...
oval:org.secpod.oval:def:501748 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ...
oval:org.secpod.oval:def:1600354 A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORY_LIST access rights. An access flaw was found in the way Samba verified symbolic links when creating new files on a Samba s ...
oval:org.secpod.oval:def:1501302 Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
oval:org.secpod.oval:def:1501308 Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.
oval:org.secpod.oval:def:52660 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:109830 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:109949 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:602420 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-7560 Jeremy Allison of Google, Inc. and the Samba Team discovered that Samba incorrectly handles gettin ...
oval:org.secpod.oval:def:1500439 Updated samba4 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...
oval:org.secpod.oval:def:1500335 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed sev ...
oval:org.secpod.oval:def:1500339 Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...
oval:org.secpod.oval:def:106527 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:52247 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:107173 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:701514 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:701621 samba: SMB/CIFS file, print, and login server for Unix Samba did not properly enforce the password guessing protection mechanism.
oval:org.secpod.oval:def:601969 Richard van Eeden of Microsoft Vulnerability Research discovered that Samba, a SMB/CIFS file, print, and login server for Unix, contains a flaw in the netlogon server code which allows remote code execution with root privileges from an unauthenticated connection.
oval:org.secpod.oval:def:203563 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:203562 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:203561 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:601164 Two security issues were found in Samba, a SMB/CIFS file, print, and login server: CVE-2013-4408 It was discovered that multiple buffer overflows in the processing of DCE-RPC packets may lead to the execution of arbitrary code. CVE-2013-4475 Hemanth Thummala discovered that ACLs were not checked whe ...
oval:org.secpod.oval:def:107107 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:106259 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:107340 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:203300 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ...
oval:org.secpod.oval:def:501501 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ...
oval:org.secpod.oval:def:1500420 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...
oval:org.secpod.oval:def:501505 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ...
oval:org.secpod.oval:def:501504 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send spe ...
oval:org.secpod.oval:def:108451 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:106156 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:108454 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:106583 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:1500607 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...
oval:org.secpod.oval:def:203354 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile function of nmbd, the NetBIOS message bloc ...
oval:org.secpod.oval:def:203228 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ...
oval:org.secpod.oval:def:203349 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile function of nmbd, the NetBIOS message bloc ...
oval:org.secpod.oval:def:107323 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:501152 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ...
oval:org.secpod.oval:def:501154 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ...
oval:org.secpod.oval:def:52413 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic.
oval:org.secpod.oval:def:1500914 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:1500913 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:1500915 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...
oval:org.secpod.oval:def:52271 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic.
oval:org.secpod.oval:def:702429 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic.
oval:org.secpod.oval:def:501331 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile function of nmbd, the NetBIOS message bloc ...
oval:org.secpod.oval:def:501333 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the way the sys_recvfile function of nmbd, the NetBIOS message bloc ...
oval:org.secpod.oval:def:202984 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ...
oval:org.secpod.oval:def:501214 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ...
oval:org.secpod.oval:def:202987 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ...
oval:org.secpod.oval:def:702089 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:203381 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon. An attacker on the ...
oval:org.secpod.oval:def:501222 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ...
oval:org.secpod.oval:def:501356 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon. An attacker on the ...
oval:org.secpod.oval:def:501355 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon. An attacker on the ...
oval:org.secpod.oval:def:400809 Samba was updated to the 4.2.x codestream, bringing some new features and security fixes. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication. - CVE-2 ...
oval:org.secpod.oval:def:1800252 All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to corr ...
oval:org.secpod.oval:def:400699 samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication. - CVE-2016-2111: Domain controller netlogon member ...
oval:org.secpod.oval:def:502178 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A protocol flaw, publicly referred to as Badlock, was found in the ...
oval:org.secpod.oval:def:501803 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba. Ref ...
oval:org.secpod.oval:def:52756 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:51555 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Linux Mint 17.x LTS, and Linu ...
oval:org.secpod.oval:def:703086 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ...
oval:org.secpod.oval:def:703085 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ...
oval:org.secpod.oval:def:1600365 Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used ...
oval:org.secpod.oval:def:602527 The upgrade to Samba 4.2 issued as DSA-3548-1 introduced several upstream regressions and as well a packaging regression causing errors on upgrading the packages. Updated packages are now available to address these problems.
oval:org.secpod.oval:def:703130 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Original advisory USN-2950-1 introduced a regression in Sa ...
oval:org.secpod.oval:def:703289 samba: SMB/CIFS file, print, and login server for Unix Samba could be tricked into connecting to impersonated servers.
oval:org.secpod.oval:def:51642 samba: SMB/CIFS file, print, and login server for Unix Samba could be tricked into connecting to impersonated servers.
oval:org.secpod.oval:def:1502067 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:51938 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:1502070 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:502196 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A use-after-free flaw was found in the way samba servers handled c ...
oval:org.secpod.oval:def:1501983 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1800605 All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to corr ...
oval:org.secpod.oval:def:113679 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:1800460 CVE-2017-14746: Use-after-free vulnerability. Affected Versions All versions of Samba from 4.0.0 onwards. Fixed In Samba 4.7.3, 4.6.11 and 4.5.15
oval:org.secpod.oval:def:1800581 CVE-2017-14746: Use-after-free vulnerability. Affected Versions: All versions of Samba from 4.0.0 onwards. Fixed In: Samba 4.7.3, 4.6.11 and 4.5.15
oval:org.secpod.oval:def:51898 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:1800466 CVE-2017-14746: Use-after-free vulnerability. Affected Versions: All versions of Samba from 4.0.0 onwards. Fixed In: Samba 4.7.3, 4.6.11 and 4.5.15
oval:org.secpod.oval:def:1800693 All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to corre ...
oval:org.secpod.oval:def:51799 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator.
oval:org.secpod.oval:def:53194 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-14746 Yihan Lian and Zhibin Hu of Qihoo 360 GearTeam discovered a use-after-free vulnerability allowing ...
oval:org.secpod.oval:def:53143 Multiple security issues have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encr ...
oval:org.secpod.oval:def:113525 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:52009 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:114990 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:1502253 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502259 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:502318 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * samba: Null pointer indirection in printer server process For mor ...
oval:org.secpod.oval:def:53272 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1050 It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service i ...
oval:org.secpod.oval:def:502320 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * samba: Null pointer indirection in printer server process For more details about the sec ...
oval:org.secpod.oval:def:1700107 A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server coul ...
oval:org.secpod.oval:def:52109 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:115591 Samba is the standard Windows interoperability suite of programs for Linux and Unix.
oval:org.secpod.oval:def:51170 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.
oval:org.secpod.oval:def:53469 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-14629 Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME ... oval:org.secpod.oval:def:53395 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malici ... oval:org.secpod.oval:def:1800189 A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions: All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15 oval:org.secpod.oval:def:53096 Jeffrey Altman, Viktor Duchovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus" Lyre, this vulnerability is located in Samba Kerberos Key Distribution Center component and could be used by an atta ... oval:org.secpod.oval:def:1800842 A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions: All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15 oval:org.secpod.oval:def:1800531 A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. Affected versions All versions between Samba 4.0.0 and 4.6.6/4.5.12/4.4.15 oval:org.secpod.oval:def:602704 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-2119 Stefan Metzmacher discovered that client-side SMB2/3 required signing can be downgraded, allowing ... 
oval:org.secpod.oval:def:51692 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:1800437 CVE-2016-2123: NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability. Affected versions: Samba 4.0.0 to 4.5.2 Fixed in: Samba 4.5.3, 4.4.8 and 4.3.13 |