[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252212

 
 

909

 
 

196748

 
 

282

Paid content will be excluded from the download.


Download | Alert*


CVE-2023-34968
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the informa ...

CVE-2023-34967
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. D ...

CVE-2022-2127
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage ...

CVE-2023-34966
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like str ...

*OVAL
oval:org.secpod.oval:def:89051577
CPE    6
cpe:/a:samba:samba
cpe:/a:samba:libsamba-policy-devel
cpe:/a:samba:libsamba-policy-python3-devel
cpe:/a:samba:libsamba-policy0-python3
...

© SecPod Technologies