ALAS-2018-1126 --- sambaID: oval:org.secpod.oval:def:1601370 | Date: (C)2020-11-27 (M)2022-09-02 |
Class: PATCH | Family: unix |
A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash. A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. A flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client
Platform: |
Amazon Linux AMI |