[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CVE-2012-6150
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances ...

CVE-2013-4496
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.

*OVAL
oval:org.secpod.oval:def:1500420
CPE    244
cpe:/a:samba:samba:2.2.1:a
cpe:/a:samba:samba:2.0.5:a
cpe:/a:samba:samba:2.2.7:a
cpe:/a:samba:samba:2.2:a
...

© 2013 SecPod Technologies