Download
| Alert*
oval:org.secpod.oval:def:89045965
libsamba-policy0-python3 is installed oval:org.secpod.oval:def:3300351 SUSE Security Update: Security update for samba oval:org.secpod.oval:def:3300817 SUSE Security Update: Security update for ldb, samba oval:org.secpod.oval:def:89047648 This update for ldb, samba fixes the following issues: ldb was updated to version 2.4.2 to fix: + Fix for CVE-2021-3670, ensure that the LDB request has not timed out during filter processing as the LDAP server MaxQueryDuration is otherwise not honoured. samba was updated to fix: - Revert NIS suppor ... oval:org.secpod.oval:def:89050245 This update for ldb, samba fixes the following issues: Changes in samba: - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; ; oval:org.secpod.oval:def:89050464 This update for samba fixes the following issues: Security issue fixed: - CVE-2020-10704: Fixed a stack overflow in the AD DC LDAP server . Non-security issues fixed: - Fixed spnego fallback from kerberos to ntlmssp in smbd server . - Fixed warning messages for non root users using smbclient . oval:org.secpod.oval:def:89050481 This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing . - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not working . - CVE-2 ... oval:org.secpod.oval:def:89050483 This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU . - CVE-2020-14303: Fixed an endless loop when receiving at AD DC empty UDP packets . - CVE-2020-10730: Fi ... oval:org.secpod.oval:def:89050616 This update for samba fixes the following issues: - CVE-2019-14861: Fixed a DNSServer RPC server crash, that allowed an authenticated user to crash the DCE/RPC DNS management server by creating records with matching the zone name . - CVE-2019-14870: Fixed a DelegationNotAllowed not being enforced . oval:org.secpod.oval:def:89050845 This update for samba fixes the following issues: Security issues fixed: - CVE-2019-12435: zone operations can crash rpc server; ; . Other issues fixed: - Fix cephwrap_flistxattr debug message; ; . - Add ceph_snapshots VFS module; . - Fix vfs_ceph realpath; ; . - MacOS credit accounting breaks with ... oval:org.secpod.oval:def:89048162 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - CVE-2022-37966: Fixed an issue where a weak cipher would be selected to encrypt session ... oval:org.secpod.oval:def:89048181 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel . - CVE- ... oval:org.secpod.oval:def:89048180 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . oval:org.secpod.oval:def:89047777 This update for samba fixes the following issues: - CVE-2022-1615: Fixed error handling in random number generation . - CVE-2022-32743: Implement validated dnsHostName write rights . Bugfixes: - Fixed use after free when iterating smbd_server_connection-greater than or connections after tree disconn ... oval:org.secpod.oval:def:89047033 This update for samba fixes the following issues: - CVE-2022-1615: Fixed error handling in random number generation . Bugfixes: - Fixed use after free when iterating smbd_server_connection-connections after tree disconnect failure . oval:org.secpod.oval:def:89047488 - CVE-2021-44141: Information leak via symlinks of existance of files or directories outside of the exported share; ; ; - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution; ; ; - CVE-2022-0336: Samba AD users with permission to write to an acco ... oval:org.secpod.oval:def:89047260 This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold . - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids . - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs . - Spec file fixes around systemd and req ... oval:org.secpod.oval:def:89048537 This update for samba fixes the following issues: * CVE-2023-0922: Fixed Samba AD DC admin tool samba-tool sending passwords in cleartext . oval:org.secpod.oval:def:89048512 This update for samba fixes the following issues: * CVE-2023-0922: Fixed Samba AD DC admin tool samba-tool sending passwords in cleartext . The following non-security bug was fixed: * Prevent use after free of messaging_ctdb_fde_ev structs . oval:org.secpod.oval:def:89047239 This update for samba fixes the following issues: - Fix regression introduced by CVE-2020-25717 patches, winbindd does not start when "allow trusted domains" is off; ; oval:org.secpod.oval:def:89047256 This update for samba and ldb fixes the following issues: - CVE-2020-25718: Fixed that an RODC can issue administrator tickets to other servers . - CVE-2021-3738: Fixed crash in dsdb stack . - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-2571 ... oval:org.secpod.oval:def:89048100 This update for samba fixes the following issues: Update to 4.15.13 - CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers . - CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC . - CVE-2022-38023 RC4/HMAC-MD5 NetLogon Secure Channel is weak ... oval:org.secpod.oval:def:89050943 This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. * CVE-2023-42669: Fixed a bug in "rpcecho" development server which allows Denial of Service via sleep call on AD DC. * CVE-2023-42670: Fixed the procedure nu ... oval:org.secpod.oval:def:89050939 This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions oval:org.secpod.oval:def:89050973 This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. * CVE-2023-42669: Fixed a bug in "rpcecho" development server which allows Denial of Service via sleep call on AD DC. * CVE-2023-4154: Fixed a bug in dirsync ... oval:org.secpod.oval:def:89050953 This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. * CVE-2023-42669: Fixed a bug in "rpcecho" development server which allows Denial of Service via sleep call on AD DC. * CVE-2023-4154: Fixed a bug in dirsync ... oval:org.secpod.oval:def:89051556 This update for samba fixes the following issues: samba was updated to version 4.17.9: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . * CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability . * ... oval:org.secpod.oval:def:89049288 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . Bugfixes: * Fixed trust relationship failure oval:org.secpod.oval:def:89049172 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . * CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability . * CVE-2023-34967: Fixed samba spotligh ... oval:org.secpod.oval:def:89051577 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . * CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability . * CVE-2023-34967: Fixed samba spotligh ... oval:org.secpod.oval:def:89049334 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . * CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability . * CVE-2023-34967: Fixed samba spotligh ... oval:org.secpod.oval:def:89047426 This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . ... oval:org.secpod.oval:def:89047753 This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . ... oval:org.secpod.oval:def:3300586 SUSE Security Update: Security update for ldb, samba oval:org.secpod.oval:def:89050252 This update for samba fixes the following issues: Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . - l ... oval:org.secpod.oval:def:89050381 This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . oval:org.secpod.oval:def:89048518 This update for ldb, samba fixes the following issues: ldb: * CVE-2022-32746: Fixed an use-after-free issue in the database audit logging module . * CVE-2023-0614: Fixed discovering of access controlled AD LDAP attributes . samba: * CVE-2023-0922: Fixed cleartext password sending by AD DC admin too ... oval:org.secpod.oval:def:3300298 SUSE Security Update: Security update for samba oval:org.secpod.oval:def:89048127 This update for samba fixes the following issues: - Updated to version 4.15.13: - CVE-2022-38023: Removed weak cryptographic algorithms from the Netlogon RPC implementation . - CVE-2022-42898: Fixed several buffer overflow vulnerabilities on 32-bit systems . - CVE-2022-3437: Fixed a buffer overflow ... oval:org.secpod.oval:def:89048025 This update for samba fixes the following issues: Version update to 4.15.12. Security issues fixed: - CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords . - CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write ... oval:org.secpod.oval:def:89048661 This update for ldb, samba fixes the following issues: ldb: * CVE-2022-32746: Fixed an use-after-free issue in the database audit logging module . * CVE-2023-0614: Fixed discovering of access controlled AD LDAP attributes . samba: * CVE-2023-0922: Fixed cleartext password sending by AD DC admin too ... oval:org.secpod.oval:def:89048164 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user"s password . - Updated to version 4.15.13: - CVE-2022-37966: Fixed an issue where a weak cipher would b ... oval:org.secpod.oval:def:89050374 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . - Update to samba 4.11 ... oval:org.secpod.oval:def:89050503 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . |