Page 37 of 231 results (0.016 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups. Samba 3.2.0 usa permisos débiles (0666) para los archivos (1) group_mapping.tdb y (2) group_mapping.ldb, lo que permite a usuarios locales modificar la pertenencia a los Grupos Unix. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073 http://samba.org/samba/security/CVE-2008-3789.html http://secunia.com/advisories/31601 http://www.openwall.com/lists/oss-security/2008/08/26/2 http://www.securityfocus.com/bid/30837 http://www.securitytracker.com/id?1020770 http://www.vupen.com/english/advisories/2008/2440 https://exchange.xforce.ibmcloud.com/vulnerabilities/44678 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.5EPSS: 96%CPEs: 6EXPL: 1

Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. Desbordamiento de búfer basado en montículo en la función receive_smb_raw de util/sock.c en Samba 3.0.0 hasta 3.0.29, permite a atacantes remotos ejecutar código de su elección a través de una respuesta SMB manipulada. • https://www.exploit-db.com/exploits/5712 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00000.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://secunia.com/advisories/30228 http://secunia.com/advisories/30385 http://secunia.com/advisories/30396 http://secunia.com/advisories/30442 http://secunia.com/advisories/30449 http://secunia.com/advisories/30478 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 8%CPEs: 33EXPL: 0

Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors. Desbordamiento de búfer en resync2.6.9 a 3.0.1, al activar el soporte de atributos extendidos (xattr), puede permitir a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://marc.info/?l=bugtraq&m=125017764422557&w=2 http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff http://samba.anu.edu.au/rsync/security.html#s3_0_2 http://secunia.com/advisories/29668 http://secunia.com/advisories/29770 http://secunia.com/advisories/29777 http://secunia.com/advisories/29781 http://secunia.com/advisories/29788 http://secunia.com/advisories/29856 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 97%CPEs: 61EXPL: 1

Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. Desbordamiento de búfer basado en pila en la función send_mailslot de nmbd en Samba 3.0.0 hasta 3.0.27a, cuando la opción "inicios de sesión de dominio" está habilitada, permite a atacantes remotos ejecutar código de su elección mediante una petición de ranura de buzón GETDC compuesta de una cadena larga GETDC a la que sigue un nombre de usuario en una petición de inicio de sesión SAMLOGON. • https://www.exploit-db.com/exploits/4732 http://bugs.gentoo.org/show_bug.cgi?id=200773 http://docs.info.apple.com/article.html?artnum=307430 http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000005.html http://marc.info/?l=bugtraq&m=120524782005154&w=2 http://secunia.com/advisories/27760 http://secunia.com/advisories/27894 http://secunia.com/advisories/27977 http://secunia.com/advisories/27993&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 13%CPEs: 48EXPL: 0

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. Desbordamiento de búfer basado en pila en el nmbd del Samba 3.0.0 hasta el 3.0.26a, cuando está configurado como controlador Primario ("Primary ") o Dominio de Seguridad ("Backup Domain"), permite a atacantes remotos tener un impacto desconocido a través de peticiones modificadas GETDC mailslot, relacionada con el manejo de las peticiones de autenticación de servidor GETDC. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000002.html http://marc.info/?l=bugtraq&m=120524782005154&w=2 http://secunia.com/advisories/27450 http://secunia.com/advisories/27679 http://secunia.com/advisories/27682 http://secunia.com/advisories/27691 http://secunia.com/advisories/27701 http://secunia.com/advisories/27720 http://secunia.co • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •