Download
| Alert*
oval:org.secpod.oval:def:89045327
This update for Samba fixes the following security issues: - CVE-2015-5330: Remote read memory exploit in LDB - CVE-2015-5252: Insufficient symlink verification - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side - CVE-2015-5299: Currently the snapshot ... oval:org.secpod.oval:def:702905 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702909 ldb: LDAP-like embedded database Several security issues were fixed in ldb. oval:org.secpod.oval:def:203801 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ... oval:org.secpod.oval:def:203804 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. A denial of service flaw was found in the ldb_wildcard_compare function of libldb. A remote attacker could send a specially crafted packet that, when processe ... oval:org.secpod.oval:def:203806 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. A denial of service flaw was found in the ldb_wildcard_compare function of libldb. A remote attacker could send a specially crafted packet that, when processe ... oval:org.secpod.oval:def:203808 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ... oval:org.secpod.oval:def:602323 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-3223 Thilo Uttendorfer of Linux Information Systems AG discovered that a malicious request can cause th ... oval:org.secpod.oval:def:1800112 CVE-2015-3223: libldb: Remote DoS in Samba LDAP server. All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a denial of service attack in the samba daemon LDAP server. Fixed In Version: ldb 1.1.24 CVE-2015-5252: Insufficient symlink verification in smbd. All versions of Samba from ... oval:org.secpod.oval:def:109810 An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. oval:org.secpod.oval:def:109933 An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. oval:org.secpod.oval:def:109812 Tevent is an event system based on the talloc memory management library. Tevent has support for many event types, including timers, signals, and the classic file descriptor events. Tevent also provide helpers to deal with asynchronous code providing the tevent_req functions. oval:org.secpod.oval:def:109816 A library that implements a hierarchical allocator with destructors. oval:org.secpod.oval:def:109963 A library that implements a trivial database. oval:org.secpod.oval:def:1600354 A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORY_LIST access rights.An access flaw was found in the way Samba verified symbolic links when creating new files on a Samba s ... oval:org.secpod.oval:def:109953 Tevent is an event system based on the talloc memory management library. Tevent has support for many event types, including timers, signals, and the classic file descriptor events. Tevent also provide helpers to deal with asynchronous code providing the tevent_req functions. oval:org.secpod.oval:def:501745 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ... oval:org.secpod.oval:def:501748 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. ... oval:org.secpod.oval:def:109984 A library that implements a hierarchical allocator with destructors. oval:org.secpod.oval:def:109821 A library that implements a trivial database. oval:org.secpod.oval:def:52663 ldb: LDAP-like embedded database Several security issues were fixed in ldb. oval:org.secpod.oval:def:1501295 A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of m ... oval:org.secpod.oval:def:1501296 A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of m ... oval:org.secpod.oval:def:501740 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. A denial of service flaw was found in the ldb_wildcard_compare function of libldb. A remote attacker could send a specially crafted packet that, when processe ... oval:org.secpod.oval:def:1600377 A denial of service flaw was found in the ldb_wildcard_compare function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb , would cause that application to consume an excessive amount of memory and crash.A memory-read flaw was foun ... oval:org.secpod.oval:def:52660 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. |