Download
| Alert*
oval:org.secpod.oval:def:54393
Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares. oval:org.secpod.oval:def:503405 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba . Se ... oval:org.secpod.oval:def:54404 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations. oval:org.secpod.oval:def:89003169 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . Non-security issues fixed: - Fixed an issue where the first login failed and subsequent o ... oval:org.secpod.oval:def:89003226 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . Non-security issues fixed: - Fix vfs_ceph ftruncate and fallocate handling . - Abide by l ... oval:org.secpod.oval:def:89003062 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . Non-security issue fixed: - Make init scripts create log directories before running daemo ... oval:org.secpod.oval:def:89003078 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Save registry file outside share as unprivileged user . Non-security issue fixed: - Backport changes to support quotas with SMB2 . oval:org.secpod.oval:def:89050714 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . ldb was updated to version 1.2.4 : - Out of bound read in ldb_wildcard_compare - Hold at ... oval:org.secpod.oval:def:116249 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:1801391 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1601084 A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share oval:org.secpod.oval:def:1801386 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801387 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801388 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1000488 The remote host is missing a patch 119758-44 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000446 The remote host is missing a patch 119757-44 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2105075 A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some ... oval:org.secpod.oval:def:603845 Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares. oval:org.secpod.oval:def:1504161 [4.10.4-1] - resolves: #1712378 - Fix smbspool CUPS backend - resolves: #1696612 - Fix "net ads join -U admin@parentdomain" [4.10.4-0] - related: #1638001 - Rebase to Samba version 4.10.4 - resolves: #1597298 - Build Samba with python3 - resolves: #1658558 - Add "net ads leave --keep-account" option ... oval:org.secpod.oval:def:503287 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba . Se ... oval:org.secpod.oval:def:1503993 [4.9.1-6] - related: #1703204 - Fix printing with smbspool as CUPS backend [4.9.1-5] - resolves: #1703204 - Fix smbspool krb5 authentication [4.9.1-4] - resolves: #1690222 - Fix --max-protocol documentation of smbclient - resolves: #1518353 - Fix "net ads join -Uadmin@forestdomain" - resolves: #1696 ... oval:org.secpod.oval:def:205324 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba . Se ... oval:org.secpod.oval:def:1700260 A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. oval:org.secpod.oval:def:704878 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations. |