Download
| Alert*
oval:org.secpod.oval:def:54404
samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations. oval:org.secpod.oval:def:54393 Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares. oval:org.secpod.oval:def:600171 Volker Lendecke discovered that missing range checks in Samba"s file descriptor handling could lead to memory corruption, resulting in denial of service. oval:org.secpod.oval:def:201607 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:600605 The Samba Web Administration Tool contains several cross-site request forgery vulnerabilities and a cross-site scripting vulnerability . oval:org.secpod.oval:def:201817 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:201833 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:201729 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:201911 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:202162 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:202044 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:500077 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:200420 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:500222 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:200221 Samba is a suite of programs used by machines to share files, printers, and other information. A flaw was found in the way Samba handled file descriptors. If an attacker were able to open a large number of file descriptors on the Samba server, they could flip certain stack bits to "1" valu ... oval:org.secpod.oval:def:201628 Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a sp ... oval:org.secpod.oval:def:500370 Samba is a suite of programs used by machines to share files, printers, and other information. An input sanitization flaw was found in the way Samba parsed client data. A malicious client could send a specially-crafted SMB packet to the Samba server, resulting in arbitrary code execution with the pr ... oval:org.secpod.oval:def:500693 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:1801391 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:51018 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:1801386 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801387 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:1801388 Samba contains an RPC endpoint emulating the Windows registry service API. One of the requests, "winreg_SaveKey", is susceptible to a path/symlink traversal vulnerability. Unprivileged users can use it to create a new registry hive file anywhere they have unix permissions to create a new file within ... oval:org.secpod.oval:def:114988 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:116249 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:500008 Samba is a suite of programs used by machines to share files, printers, and other information. The cifs-utils package contains utilities for mounting and managing CIFS shares. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool . If a remote attac ... oval:org.secpod.oval:def:500721 Samba is a suite of programs used by machines to share files, printers, and other information. An input validation flaw was found in the way Samba handled Any Batched requests. A remote, unauthenticated attacker could send a specially-crafted SMB packet to the Samba server, possibly resulting in ar ... oval:org.secpod.oval:def:1500317 Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:600957 Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect to SWAT, the Samba Web Administration Tool. CVE-2013-0213: Clickjacking issue in SWAT An attacker can integrate a SWAT page into a malicio ... oval:org.secpod.oval:def:501203 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:500437 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:106583 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:1500406 Updated samba packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:501132 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:500288 Samba is a suite of programs used by machines to share files, printers, and other information. A missing array boundary checking flaw was found in the way Samba parsed the binary representation of Windows security identifiers . A malicious client could send a specially-crafted SMB request to the Sam ... oval:org.secpod.oval:def:501136 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute list provided by a cli ... oval:org.secpod.oval:def:33379 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:107340 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:107173 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:1500303 Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give det ... oval:org.secpod.oval:def:106072 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:203215 Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool did not protect against being opened in a web p ... oval:org.secpod.oval:def:105824 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:106156 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:51898 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network. oval:org.secpod.oval:def:53143 Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix: CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not enforce encr ... oval:org.secpod.oval:def:1700107 A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server coul ... oval:org.secpod.oval:def:1502253 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:52109 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:53395 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-10858 Svyatoslav Phirsov discovered that insufficient input validation in libsmbclient allowed a malici ... |