[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:3260-01 -- Redhat samba

ID: oval:org.secpod.oval:def:502196Date: (C)2017-12-04   (M)2023-12-20
Class: PATCHFamily: unix




Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. * A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Yihan Lian and Zhibin Hu as the original reporter of CVE-2017-14746; and Volker Lendecke as the original reporter of CVE-2017-15275.

Platform:
Red Hat Enterprise Linux 7
Product:
samba
samba-libs
samba-client
Reference:
RHSA-2017:3260-01
CVE-2017-14746
CVE-2017-15275
CVE    2
CVE-2017-14746
CVE-2017-15275
CPE    96
cpe:/a:samba:samba:4.1.13
cpe:/a:samba:samba:4.1.12
cpe:/a:samba:samba:4.1.11
cpe:/a:samba:samba:4.1.10
...

© SecPod Technologies