CVSS: 5.8EPSS: 4%CPEs: 9EXPL: 0CVE-2015-5296 – samba: client requesting encryption vulnerable to downgrade attack
https://notcve.org/view.php?id=CVE-2015-5296
29 Dec 2015 — Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c. Samba 3.x y 4.x en versiones anteriores a 4.1.22, 4.2.x en versiones anteriores a 4.2.7 y 4.3.x en versiones anteriores a 4.3.3 admite conexiones que están cifradas pero no firmadas, lo... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.3EPSS: 11%CPEs: 9EXPL: 0CVE-2015-5299 – Samba: Missing access control check in shadow copy code
https://notcve.org/view.php?id=CVE-2015-5299
29 Dec 2015 — The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory. La función shadow_copy2_get_shadow_copy_data en modules/vfs_shadow_copy2.c en Samba 3.x y 4.x en versiones anteriores a 4.1.22, 4.2.x en versiones anteriores a 4.2.7 y 4.3.x en versiones anteriores ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 57EXPL: 0CVE-2015-5330 – libldb: remote memory read in the Samba LDAP server
https://notcve.org/view.php?id=CVE-2015-5330
29 Dec 2015 — ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value. ldb en versiones anteriores a 1.1.24, como se utiliza en el servidor AD LDAP en Samba 4.x en versiones anteriores a 4.1.22, 4.2.x en versiones anteriores a 4.2.7 y 4.3.x en versiones anter... • http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html • CWE-135: Incorrect Calculation of Multi-Byte String Length CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8467 – Gentoo Linux Security Advisory 201612-47
https://notcve.org/view.php?id=CVE-2015-8467
29 Dec 2015 — The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535. La función samldb_check_user_account_control_acl en dsdb/samdb/ldb_modul... • http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html • CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 22%CPEs: 9EXPL: 1CVE-2015-5252 – samba: Insufficient symlink verification in smbd
https://notcve.org/view.php?id=CVE-2015-5252
29 Dec 2015 — vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share. vfs.c en smbd en Samba 3.x y 4.x en versiones anteriores a 4.1.22, 4.2.x en versiones anteriores a 4.2.7 y 4.3.x en versiones anteriores a 4.3.3, cuando existen nombres de recursos compartidos con ciertas relaciones de subcadenas, permite a at... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html • CWE-41: Improper Resolution of Path Equivalence CWE-264: Permissions, Privileges, and Access Controls •