Download
| Alert*
|
oval:org.secpod.oval:def:51554
samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Linux Mint 17.x LTS, and Linu ... oval:org.secpod.oval:def:51572 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Original advisory USN-2950-1 introduced a regression in Sa ... oval:org.secpod.oval:def:54404 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations. oval:org.secpod.oval:def:54393 Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares. oval:org.secpod.oval:def:400790 This update for the samba server fixes the following issues: Security issue fixed: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; ; . Other bugs fixed: - Enable clustering support; . - s3: smbd: Fix timestamp rounding inside SMB2 create; ; . - v ... oval:org.secpod.oval:def:400643 This update for samba fixes the following issues: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target. Also the following bugs were fixed: - Add quotes around path of update-apparmor-samba-profile; . - Prevent access denied if the share path is " ... oval:org.secpod.oval:def:202310 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite"s Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, ... oval:org.secpod.oval:def:600171 Volker Lendecke discovered that missing range checks in Samba"s file descriptor handling could lead to memory corruption, resulting in denial of service. oval:org.secpod.oval:def:703110 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relax ... oval:org.secpod.oval:def:1500012 Updated samba4 packages that fix one security issue, multiple bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a ... oval:org.secpod.oval:def:600779 It was discovered that Samba, the SMB/CIFS file, print, and login server, contained a flaw in the remote procedure call code which allowed remote code execution as the super user from an unauthenticated connection. oval:org.secpod.oval:def:201607 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:600605 The Samba Web Administration Tool contains several cross-site request forgery vulnerabilities and a cross-site scripting vulnerability . oval:org.secpod.oval:def:201833 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:201817 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:201729 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:201911 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:202162 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:202044 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:202315 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite"s Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, ... oval:org.secpod.oval:def:202622 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the Samba suite"s Perl-based DCE/RPC IDL compiler, used to generate code to handle R ... oval:org.secpod.oval:def:501783 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this fl ... oval:org.secpod.oval:def:1600334 A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. oval:org.secpod.oval:def:1800418 CVE-2015-7560 Incorrect ACL get/set allowed on symlink path. All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable toa malicious client overwriting the ownership of ACLs using symlinks. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or di ... oval:org.secpod.oval:def:52726 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:500077 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:200420 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:500222 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:200221 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:201628 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:500693 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:500370 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:1801391 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:51018 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:1801386 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801387 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801388 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:114988 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:116249 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:500008 Samba is a suite of programs used by machines to share files, printers, and other information. The cifs-utils package contains utilities for mounting and managing CIFS shares. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attac ... oval:org.secpod.oval:def:500716 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The default Samba server configuration enabled both the "wide links" and "unix extensions& ... oval:org.secpod.oval:def:1500439 Updated samba4 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ... oval:org.secpod.oval:def:1500317 Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:600957 Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect to SWAT, the Samba Web Administration Tool. CVE-2013-0213: Clickjacking issue in SWAT An attacker can integrate a SWAT page into a malicio ... oval:org.secpod.oval:def:500437 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:106583 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:501132 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:500288 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:501136 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute list provided by a cli ... oval:org.secpod.oval:def:33379 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:1500335 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed sev ... oval:org.secpod.oval:def:1500339 Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:106527 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:107173 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:203228 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ... oval:org.secpod.oval:def:701514 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:107323 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:106072 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:501152 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ... oval:org.secpod.oval:def:501154 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ... oval:org.secpod.oval:def:203215 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:105824 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:701621 samba: SMB/CIFS file, print, and login server for Unix Samba did not properly enforce the password guessing protection mechanism. oval:org.secpod.oval:def:500994 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the Samba suite"s Perl-based DCE/RPC IDL compiler, used to generate code to handle R ... oval:org.secpod.oval:def:501203 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:601164 Two security issues were found in Samba, a SMB/CIFS file, print, and login server: CVE-2013-4408 It was discovered that multiple buffer overflows in the processing of DCE-RPC packets may lead to the execution of arbitrary code. CVE-2013-4475 Hemanth Thummala discovered that ACLs were not checked whe ... oval:org.secpod.oval:def:1500406 Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:107107 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:202984 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ... oval:org.secpod.oval:def:501214 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ... oval:org.secpod.oval:def:202987 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE- ... oval:org.secpod.oval:def:106259 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:107340 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:203300 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ... oval:org.secpod.oval:def:501222 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote a ... oval:org.secpod.oval:def:1500420 Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ... oval:org.secpod.oval:def:500779 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite"s Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, ... oval:org.secpod.oval:def:1500303 Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give det ... oval:org.secpod.oval:def:106156 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:108454 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:701426 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:400809 Samba was updated to the 4.2.x codestream, bringing some new features and security fixes . These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks . - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication . - CVE-2 ... oval:org.secpod.oval:def:400699 samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks . - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication . - CVE-2016-2111: Domain controller netlogon member ... oval:org.secpod.oval:def:502178 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A protocol flaw, publicly referred to as Badlock, was found in the ... oval:org.secpod.oval:def:501803 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba . Ref ... oval:org.secpod.oval:def:52756 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:51555 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Linux Mint 17.x LTS, and Linu ... oval:org.secpod.oval:def:703086 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ... oval:org.secpod.oval:def:703085 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ... oval:org.secpod.oval:def:1600365 Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba . This flaw could also be used ... oval:org.secpod.oval:def:602527 The upgrade to Samba 4.2 issued as DSA-3548-1 introduced several upstream regressions and as well a packaging regression causing errors on upgrading the packages. Updated packages are now available to address these problems. oval:org.secpod.oval:def:703130 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Original advisory USN-2950-1 introduced a regression in Sa ... oval:org.secpod.oval:def:51898 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network. oval:org.secpod.oval:def:53143 Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encr ... oval:org.secpod.oval:def:1502253 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700107 A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server coul ... oval:org.secpod.oval:def:52109 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:53395 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malici ... |
