Page 5 of 56 results (0.020 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. Se ha detectado un fallo en la manera en la que una expresión de búsqueda LDAP podría provocar el cierre inesperado del proceso del servidor LDAP de un AD DC de samba en samba en versiones anteriores a la 4.10. Un usuario autenticado con permisos de lectura en el servidor LDAP podría aprovechar este fallo para provocar una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00035.html http://www.securityfocus.com/bid/107347 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3824 https://bugzilla.samba.org/show_bug.cgi?id=13773 https://lists.debian.org/debian-lts-announce/2019/03/msg00000.html https://security.netapp.com/advisory/ntap-20190226-0001 https://usn.ubuntu.com/3895-1 https://www.debian.org/security/2019/dsa-4397 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. Se ha descubierto un desbordamiento de búfer en la manera en la que los clientes de samba procesaban nombres de archivo excesivamente largos en un listado de directorios. Un servidor samba malicioso podría utilizar este defecto para provocar la ejecución de código arbitrario en un cliente de samba. • http://www.securityfocus.com/bid/105085 http://www.securitytracker.com/id/1042002 https://access.redhat.com/errata/RHSA-2018:2612 https://access.redhat.com/errata/RHSA-2018:2613 https://access.redhat.com/errata/RHSA-2018:3056 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10858 https://kc.mcafee.com/corporate/index?page=content&id=SB10284 https://security.gentoo.org/glsa/202003-52 https://security.netapp.com/advisory • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. Se ha encontrado un fallo en la forma en la que el cliente samba en versiones anteriores a samba 4.4.16, samba 4.5.14 y samba 4.6.8 utilizaba cifrado con el protocolo max establecido en SMB3. La conexión podía perder el requisito de firmar y cifrar con cualquier redirección DFS, lo que permitía a un atacante leer o alterar el contenido de la conexión mediante un ataque Man-in-the-Middle (MitM). A flaw was found in the way samba client used encryption with the max protocol set as SMB3. • http://www.securityfocus.com/bid/100917 http://www.securitytracker.com/id/1039401 https://access.redhat.com/errata/RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12151 https://security.netapp.com/advisory/ntap-20170921-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us https://www.debian.org/security/2017/dsa-3983 https://www.samba.org/samba/security/CVE-20 • CWE-300: Channel Accessible by Non-Endpoint CWE-310: Cryptographic Issues •

CVSS: 7.4EPSS: 0%CPEs: 14EXPL: 0

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. Se ha descubierto que Samba en versiones anteriores a la 4.4.16, versiones 4.5.x anteriores a la 4.5.14 y versiones 4.6.x anteriores a la 4.6.8 no cumple "SMB signing" cuando están habilitadas determinadas opciones de configuración. Un atacante remoto podría lanzar un ataque Man-in-the-Middle (MitM) y recuperar información en texto plano. It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. • http://www.securityfocus.com/bid/100918 http://www.securitytracker.com/id/1039401 https://access.redhat.com/errata/RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2791 https://access.redhat.com/errata/RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12150 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us https://security.netapp.com/advisory/ntap-20170 • CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 7.1EPSS: 53%CPEs: 14EXPL: 0

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. Se ha descubierto una vulnerabilidad de fuga de información en la manera en la que Samba, en versiones anteriores a la 4.4.16, versiones 4.5.x anteriores a la 4.5.14 y versiones 4.6.x anteriores a la 4.6.8, implementó el protocolo SMB1. Un cliente malicioso podría utilizar esta vulnerabilidad para volcar los contenidos de la memoria del servidor en un archivo en el almacenamiento de samba o en una impresora compartida, aunque el atacante no pueda controlar el área exacta de memoria del servidor. An information leak flaw was found in the way SMB1 protocol was implemented by Samba. • http://www.securityfocus.com/bid/100925 http://www.securitytracker.com/id/1039401 https://access.redhat.com/errata/RHSA-2017:2789 https://access.redhat.com/errata/RHSA-2017:2790 https://access.redhat.com/errata/RHSA-2017:2791 https://access.redhat.com/errata/RHSA-2017:2858 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12163 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us https://security.netapp.com/advisory/ntap-20170 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •