ALAS-2017-933 ---- sambaID: oval:org.secpod.oval:def:1600822 | Date: (C)2017-12-26 (M)2022-08-31 |
Class: PATCH | Family: unix |
Use-after-free in processing SMB1 requestsA use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. Server heap-memory disclosureA memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server
Platform: |
Amazon Linux AMI |