CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3997
https://notcve.org/view.php?id=CVE-2021-3997
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. Se ha encontrado un fallo en systemd. Una recursión no controlada en systemd-tmpfiles puede conllevar a una denegación de servicio en el momento del arranque cuando son creados demasiados directorios anidados en /tmp. • https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1 https://security.gentoo.org/glsa/202305-15 https://www.openwall.com/lists/oss-security/2022/01/10/2 • CWE-674: Uncontrolled Recursion •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-3930 – QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c
https://notcve.org/view.php?id=CVE-2021-3930
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. Se ha encontrado un error "off-by-one" en la emulación de dispositivos SCSI en QEMU. Podía ocurrir mientras eran procesados comandos MODE SELECT en mode_sense_page() si el argumento "page" era establecido como MODE_PAGE_ALLS (0x3f). • https://bugzilla.redhat.com/show_bug.cgi?id=2020588 https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20220225-0007 https://access.redhat.com/security/cve/CVE-2021-3930 • CWE-193: Off-by-one Error •
CVSS: 6.8EPSS: 0%CPEs: 43EXPL: 0CVE-2016-2124 – samba: SMB1 client connections can be downgraded to plaintext authentication
https://notcve.org/view.php?id=CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. Se ha encontrado un fallo en la forma en que Samba implementa la autenticación SMB1. Un atacante podría usar este fallo para recuperar la contraseña en texto plano enviada a través del cable, incluso si es requerida la autenticación Kerberos • https://bugzilla.redhat.com/show_bug.cgi?id=2019660 https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2016-2124.html https://access.redhat.com/security/cve/CVE-2016-2124 • CWE-287: Improper Authentication •
CVSS: 8.5EPSS: 0%CPEs: 44EXPL: 0CVE-2020-25717 – samba: Active Directory (AD) domain user could become root on domain members
https://notcve.org/view.php?id=CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. Se encontró un fallo en la forma en que Samba mapea usuarios del dominio a usuarios locales. Un atacante autenticado podría usar este fallo para causar una posible escalada de privilegios • https://bugzilla.redhat.com/show_bug.cgi?id=2019672 https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2020-25717.html https://access.redhat.com/security/cve/CVE-2020-25717 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 33EXPL: 0CVE-2020-25719 – samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets
https://notcve.org/view.php?id=CVE-2020-25719
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. Se encontró un fallo en la forma en que Samba, como controlador de dominio de Active Directory, implementaba la autenticación basada en nombres de Kerberos. El AD DC de Samba, podía confundirse sobre el usuario que representa un ticket si no requería estrictamente un PAC de Kerberos y siempre usaba los SIDs encontrados dentro. • https://bugzilla.redhat.com/show_bug.cgi?id=2019732 https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2020-25719.html https://access.redhat.com/security/cve/CVE-2020-25719 • CWE-287: Improper Authentication CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •