[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 42765 Download | Alert*

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: smbd allows client access to unix domain sockets on the file system as root (CVE-2023-3961) * samba: SMB clients can truncate files with read-on ...

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation.

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation.

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

[4.18.6-101] - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server

[4.18.6-2.0.1] - resolves: RHEL-11937 Fix CVE-2023-3961 - smbd must check the pipename - resolves: RHEL-11937 Fix CVE-2023-4091 - SMB clients can truncate files - resolves: RHEL-11937 Fix CVE-2023-42669 - Remove rpcecho server

When doing NTLM authentication, the client sends replies tocryptographic challenges back to the server. These replieshave variable length. Winbind did not properly bounds-checkthe lan manager response length, which despite the lanmanager version no longer being used is still part of theprotocol.If the system is running Samba's ntlm_auth as authentication backendfor services like Squid , the vulnar ...

When doing NTLM authentication, the client sends replies tocryptographic challenges back to the server. These replieshave variable length. Winbind did not properly bounds-checkthe lan manager response length, which despite the lanmanager version no longer being used is still part of theprotocol.If the system is running Samba's ntlm_auth as authentication backendfor services like Squid , the vulnar ...

Samba is vulnerable to path traversal due to insufficient sanitization of clients incoming pipe names. This can lead to the client connecting to as root to a Unix domain socket outside of the Samba private directory. SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls ...


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   4276

© SecPod Technologies