A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share.
The host is installed with samba version 4.x and is prone to a denial of service vulnerability. A flaw is present in samba which fails to handle character conversion at log level 3 or above. An unauthenticated attacker could use this flaw to cause samba to crash.
It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.
The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.