Download
| Alert*
oval:org.secpod.oval:def:5800106
The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb . Security Fix: * samba: AD users can induce a use-after-free in the server pro ... oval:org.secpod.oval:def:2600010 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. oval:org.secpod.oval:def:89048518 This update for ldb, samba fixes the following issues: ldb: * CVE-2022-32746: Fixed an use-after-free issue in the database audit logging module . * CVE-2023-0614: Fixed discovering of access controlled AD LDAP attributes . samba: * CVE-2023-0922: Fixed cleartext password sending by AD DC admin too ... oval:org.secpod.oval:def:1506148 [2.5.2-2] - resolves: rhbz#2108998 - Rebuild to include python3-ldb-devel in CRB [2.5.2-1] - Rebase to version 2.5.2 - resolves: rhbz#2109016 - Fix CVE-2022-32746 [2.5.1-1] - related: rhbz#2077484 - Rebase to version 2.5.1 [2.5.0-1] - resolves: rhbz#2077484 - Rebase to version 2.5.0 oval:org.secpod.oval:def:507309 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb . Security Fix: * samba: AD users can induce a use-after-free in the server pro ... oval:org.secpod.oval:def:82413 Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. The AD DC database audit logging module can be made to access LDAP message values that have been freed by a preceding database module, resulting in a use-after- free. This is only possible when modif ... oval:org.secpod.oval:def:87166 [2.5.2-1] - Rebase to version 2.5.2 - resolves: rhbz#2109017 - Fix CVE-2022-32746 [2.5.1-1] - related: rhbz#2077490 - Rebase to version 2.5.1 [2.5.0-1] - resolves: rhbz#2077490 - Rebase to version 2.5.0 oval:org.secpod.oval:def:507358 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb . Security Fix: * samba: AD users can induce a use-after-free in the server pro ... oval:org.secpod.oval:def:82406 Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. The AD DC database audit logging module can be made to access LDAP message values that have been freed by a preceding database module, resulting in a use-after- free. This is only possible when modif ... oval:org.secpod.oval:def:19500108 A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl oval:org.secpod.oval:def:4500977 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. The following packages have been upgraded to a later upstream version: libldb . Security Fix: * samba: AD users can induce a use-after-free in the server pro ... oval:org.secpod.oval:def:89048661 This update for ldb, samba fixes the following issues: ldb: * CVE-2022-32746: Fixed an use-after-free issue in the database audit logging module . * CVE-2023-0614: Fixed discovering of access controlled AD LDAP attributes . samba: * CVE-2023-0922: Fixed cleartext password sending by AD DC admin too ... oval:org.secpod.oval:def:2500882 The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. oval:org.secpod.oval:def:707651 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:124050 An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. oval:org.secpod.oval:def:89046827 This update for samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . - CVE ... oval:org.secpod.oval:def:89047426 This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . ... oval:org.secpod.oval:def:609243 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. CVE-2022-2031 Luke Howard reported that Samba AD users can bypass certain restrictions associated with changing passwords. A user who has been requested to change their password can exploit this ... oval:org.secpod.oval:def:86430 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:1601603 It was found that the Kerberos Key Distribution Center delegation feature, Service for User , did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user. A flaw wa ... oval:org.secpod.oval:def:123948 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:82609 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:124107 An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases. oval:org.secpod.oval:def:124105 Samba is the standard Windows interoperability suite of programs for Linux and Unix. oval:org.secpod.oval:def:89047753 This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . ... oval:org.secpod.oval:def:3300586 SUSE Security Update: Security update for ldb, samba oval:org.secpod.oval:def:86405 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. CVE-2022-2031 Luke Howard reported that Samba AD users can bypass certain restrictions associated with changing passwords. A user who has been requested to change their password can exploit this ... oval:org.secpod.oval:def:86444 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:19500187 All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for th ... oval:org.secpod.oval:def:3300298 SUSE Security Update: Security update for samba oval:org.secpod.oval:def:89048127 This update for samba fixes the following issues: - Updated to version 4.15.13: - CVE-2022-38023: Removed weak cryptographic algorithms from the Netlogon RPC implementation . - CVE-2022-42898: Fixed several buffer overflow vulnerabilities on 32-bit systems . - CVE-2022-3437: Fixed a buffer overflow ... oval:org.secpod.oval:def:89048025 This update for samba fixes the following issues: Version update to 4.15.12. Security issues fixed: - CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords . - CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write ... oval:org.secpod.oval:def:89048164 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - Updated to version 4.15.13: - CVE-2022-37966: Fixed an issue where a weak cipher would b ... |