Download
| Alert*
oval:org.secpod.oval:def:89044968
This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client . - CVE-2017-12150: Always enforce smb signing when it is configured . - CVE-2017-1215 ... oval:org.secpod.oval:def:89044748 This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client - CVE-2017-12150: Always enforce smb signing when it is configured - CVE-2017-12151: ... oval:org.secpod.oval:def:89044558 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability . - CVE-2017-15275: Server heap memory information leak . - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file . - CVE-2017-12151: Keep required enc ... oval:org.secpod.oval:def:1800860 CVE-2017-12150: SMB1/2/3 connections may not require signing where they should Affected versions:¶ samba 3.0.25 to 4.6.7 Fixed in:¶ samba 4.6.8, 4.5.14 and 4.4.16 oval:org.secpod.oval:def:2101503 A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connectio ... oval:org.secpod.oval:def:1800862 CVE-2017-12150: SMB1/2/3 connections may not require signing where they should Affected versions: samba 3.0.25 to 4.6.7 Fixed in: samba 4.6.8, 4.5.14 and 4.4.16 oval:org.secpod.oval:def:1800905 CVE-2017-12150: SMB1/2/3 connections may not require signing where they should Affected versions: samba 3.0.25 to 4.6.7 Fixed In: samba 4.6.8, 4.5.14 and 4.4.16 oval:org.secpod.oval:def:204560 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * It was found that samba did not enforce "SMB signing" wh ... oval:org.secpod.oval:def:1000623 The remote host is missing a patch 119758-43 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89044484 This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client . - CVE-2017-12150: Always enforce smb signing when it is configured . - CVE-2017-1215 ... oval:org.secpod.oval:def:1000603 The remote host is missing a patch 119757-43 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1600789 Server memory information leak over SMB1:An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be c ... oval:org.secpod.oval:def:113256 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:53143 Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encr ... oval:org.secpod.oval:def:113296 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:1502024 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:51898 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network. oval:org.secpod.oval:def:1800303 CVE-2017-12150: SMB1/2/3 connections may not require signing where they should Affected versions samba 3.0.25 to 4.6.7 Fixed in samba 4.6.8, 4.5.14 and 4.4.16 oval:org.secpod.oval:def:113589 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:603114 Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encr ... oval:org.secpod.oval:def:502141 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * It was found that samba did not enforce "SMB signing" wh ... oval:org.secpod.oval:def:703808 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network. |