Download
| Alert*
oval:org.secpod.oval:def:97770
[CLSA-2023:1700852317] samba: Fix of CVE-2023-3961 oval:org.secpod.oval:def:2600402 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. oval:org.secpod.oval:def:19500480 Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the Samba private directory. SMB client can truncate files to 0 bytes by opening files with OVERWRITE dispositio ... oval:org.secpod.oval:def:96511 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation. oval:org.secpod.oval:def:1507173 [4.18.6-2.0.1] - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server oval:org.secpod.oval:def:96523 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation. oval:org.secpod.oval:def:95150 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: smbd allows client access to unix domain soc ... oval:org.secpod.oval:def:95292 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: smbd allows client access to unix domain soc ... oval:org.secpod.oval:def:2501223 Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. oval:org.secpod.oval:def:1507154 [4.18.6-101] - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server oval:org.secpod.oval:def:89050943 This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. * CVE-2023-42669: Fixed a bug in "rpcecho" development server which allows Denial of Service via sleep call on AD DC. * CVE-2023-42670: Fixed the procedure nu ... oval:org.secpod.oval:def:126398 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:126310 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:612727 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation. |