[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3983-1 samba -- samba

ID: oval:org.secpod.oval:def:603114Date: (C)2017-09-26   (M)2023-12-20
Class: PATCHFamily: unix




Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encryption when following DFS redirects, which could allow a man-in-the-middle attacker to read or modify connections which were meant to be encrypted. CVE-2017-12163 Yihan Lian and Zhibin Hu discovered that insufficient range checks in the processing of SMB1 write requests could result in disclosure of server memory.

Platform:
Debian 8.x
Debian 9.x
Product:
samba
libparse-pidl-perl
registry-tools
libpam-winbind
libsmbclient
smbclient
winbind
libwbclient-dev
libwbclient0
python-samba
ctdb
libnss-winbind
Reference:
DSA-3983-1
CVE-2017-12150
CVE-2017-12151
CVE-2017-12163
CVE    3
CVE-2017-12151
CVE-2017-12163
CVE-2017-12150
CPE    5
cpe:/o:debian:debian_linux:9.0
cpe:/a:samba:samba
cpe:/o:debian:debian_linux:8.x
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies