[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4043-1 samba -- samba

ID: oval:org.secpod.oval:def:603183Date: (C)2017-12-08   (M)2023-12-20
Class: PATCHFamily: unix




Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-14746 Yihan Lian and Zhibin Hu of Qihoo 360 GearTeam discovered a use-after-free vulnerability allowing a client to compromise a SMB server via malicious SMB1 requests. CVE-2017-15275 Volker Lendecke of SerNet and the Samba team discovered that Samba is prone to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.

Platform:
Debian 8.x
Debian 9.x
Product:
samba
libparse-pidl-perl
registry-tools
libpam-winbind
libsmbclient
smbclient
winbind
libwbclient-dev
libwbclient0
python-samba
ctdb
libnss-winbind
Reference:
DSA-4043-1
CVE-2017-14746
CVE-2017-15275
CVE    2
CVE-2017-15275
CVE-2017-14746
CPE    5
cpe:/o:debian:debian_linux:9.0
cpe:/a:samba:samba
cpe:/o:debian:debian_linux:8.x
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies