samba

176 items tagged "samba"

Related tags: web administration tool [+], web [+], tar gz [+], samba web administration tool [+], packet [+], local [+], directory traversal vulnerability [+], symlink [+], red [+], memory [+], user [+], sid parsing [+], set [+], samba suite [+], request [+], remote buffer overflow vulnerability [+], remote buffer overflow [+], mdvsa [+], mandriva linux [+], forgery [+], directory [+], cross site scripting [+], cross [+], buffer [+], utility [+], server [+], samba mount [+], privilege escalation vulnerability [+], local privilege escalation [+], dce [+], andx [+], security advisory [+], secunia [+], based buffer overflow [+], vulnerability [+], zero day [+], usn [+], smbfs [+], samba server [+], playbook [+], mountpoint [+], mount [+], gain privileges [+], day [+], code [+], blackberry [+], advisory [+], unix [+], ubuntu [+], swat samba [+], samba configuration [+], samba clients [+], remote security [+], oplock [+], ishikawa [+], execution [+], cve [+], break [+], administration [+], vulnerabilities [+], verbose option [+], verbose [+], txt [+], suse [+], smbd [+], shell command [+], share [+], setuid [+], session setup [+], samba packages [+], reply function [+], remote shell [+], preauth [+], passwd [+], override [+], option information [+], null pointer dereference [+], notification [+], ngs [+], new samba [+], new [+], multiple [+], mtab [+], ms rpc [+], misconfigured [+], information disclosure vulnerability [+], idefense security advisory [+], heap memory [+], file security [+], file [+], etc passwd [+], dsa [+], command execution [+], attacker [+], arbitrary code execution [+], account [+], denial of service [+], update [+], string [+], ssa [+], slackware [+], service [+], server samba [+], samba samba [+], samba project [+], rpsa [+], root privileges [+], retired [+], red hat security [+], package [+], module 0 [+], memory location [+], kills [+], hat [+], format string [+], format [+], esx [+], dos [+], denial of service attacks [+], console [+], buffer overflow [+], acpid [+], memory corruption [+], bugtraq [+], swat [+], remote [+], code execution [+], security [+], service vulnerability [+], samba swat [+], buffer overflow vulnerability [+], client [+], server message block [+], rpc [+], open source implementation [+], vscan [+], smb [+], scannedonly [+], scalability problems [+], samba client [+], module [+]

May 16, 2012
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability
May 09, 2012
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: code-execution samba vulnerability
May 08, 2012
5:03
Bugtraq: [ MDVSA-2012:070 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2012:070 ] samba
Tags: bugtraq mdvsa samba
May 03, 2012
0:00
Vuln: Samba CVE-2012-2111 Remote Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Tags: samba remote security remote-security cve
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability
May 02, 2012
11:01
Bugtraq: [SECURITY] [DSA 2463-1] samba security update
» ‎ SecurityFocus Vulnerabilities

[SECURITY] [DSA 2463-1] samba security update
Tags: samba security dsa
0:00
Vuln: Samba CVE-2012-2111 Remote Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Tags: samba remote security remote-security cve

May 01, 2012
14:33
Red Hat Security Advisory 2012-0533-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0533-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled certain Local Security Authority Remote Procedure Calls. An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
Tags: server samba security server-message-block open-source-implementation samba-server

14:33
Red Hat Security Advisory 2012-0533-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-0533-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled certain Local Security Authority Remote Procedure Calls. An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
Tags: server samba security server-message-block open-source-implementation samba-server

14:33
Red Hat Security Advisory 2012-0533-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2012-0533-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled certain Local Security Authority Remote Procedure Calls. An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
Tags: server samba security server-message-block open-source-implementation samba-server

0:00
Vuln: Samba CVE-2012-2111 Remote Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba CVE-2012-2111 Remote Security Bypass Vulnerability
Tags: remote-security cve samba
April 30, 2012
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability
April 23, 2012
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
April 18, 2012
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability

April 15, 2012
19:53
Secunia Security Advisory 48873
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Tags: advisory secunia security suse security-advisory samba
April 13, 2012
12:35
Red Hat Security Advisory 2012-0478-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

12:35
Red Hat Security Advisory 2012-0478-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

12:35
Red Hat Security Advisory 2012-0478-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability
April 12, 2012
0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: samba dce rpc code-execution vulnerability
April 11, 2012
9:08
Bugtraq: [ MDVSA-2012:055 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2012:055 ] samba
Tags: bugtraq mdvsa samba

7:21
Red Hat Security Advisory 2012-0466-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

7:21
Red Hat Security Advisory 2012-0466-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

7:21
Red Hat Security Advisory 2012-0466-01
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite

7:20
Red Hat Security Advisory 2012-0465-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0465-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
Tags: samba red rpc server-message-block open-source-implementation samba-suite
0:10
Secunia Security Advisory 48742
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.
Tags: advisory secunia security security-advisory samba

0:00
Vuln: Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
Tags: code-execution samba vulnerability
March 23, 2012
0:00
Vuln: Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow
March 21, 2012
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability

March 10, 2012
21:32
Secunia Security Advisory 48341
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Tags: advisory secunia security suse security-advisory samba

March 08, 2012
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
0:00
Vuln: Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
Tags: utility samba mount samba-mount privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
Tags: file samba mtab service-vulnerability denial-of-service
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
February 29, 2012
0:00
Vuln: Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow
February 28, 2012
14:00
Bugtraq: [ MDVSA-2012:025 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2012:025 ] samba
Tags: bugtraq mdvsa samba
February 27, 2012
9:00
Bugtraq: NGS00237 Patch Notification: Samba Andx request Remote Code Execution
» ‎ SecurityFocus Vulnerabilities

NGS00237 Patch Notification: Samba Andx request Remote Code Execution
Tags: samba notification ngs andx code-execution

6:22
Samba Remote Code Execution
» ‎ Packet Storm Security Advisories

Samba versions up to 3.4.0 suffer from a code execution vulnerability.
Tags: code samba execution code-execution vulnerability

6:22
Samba Remote Code Execution
» ‎ Packet Storm Security Recent Files

Samba versions up to 3.4.0 suffer from a code execution vulnerability.
Tags: code samba execution code-execution vulnerability

6:22
Samba Remote Code Execution
» ‎ Packet Storm Security Misc. Files

Samba versions up to 3.4.0 suffer from a code execution vulnerability.
Tags: code samba execution code-execution vulnerability

February 26, 2012
1:58
Secunia Security Advisory 48152
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.
Tags: secunia security-advisory samba
February 24, 2012
15:05
BlackBerry PlayBook Samba Remote Code Execution
» ‎ Packet Storm Security Advisories

BlackBerry PlayBook suffers from a samba related code execution vulnerability. Tablet versions prior to 2.0.0.7971 are affected.
Tags: playbook samba blackberry code-execution

15:05
BlackBerry PlayBook Samba Remote Code Execution
» ‎ Packet Storm Security Recent Files

BlackBerry PlayBook suffers from a samba related code execution vulnerability. Tablet versions prior to 2.0.0.7971 are affected.
Tags: playbook samba blackberry code-execution

15:05
BlackBerry PlayBook Samba Remote Code Execution
» ‎ Packet Storm Security Misc. Files

BlackBerry PlayBook suffers from a samba related code execution vulnerability. Tablet versions prior to 2.0.0.7971 are affected.
Tags: playbook samba blackberry code-execution

11:00
Bugtraq: NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution
» ‎ SecurityFocus Vulnerabilities

NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution
Tags: notification ngs blackberry code-execution playbook samba
0:00
Vuln: Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

February 23, 2012
19:48
Red Hat Security Advisory 2012-0332-01
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0332-01 - Samba is a suite of programs used by machines to share files, printers, and other information. An input validation flaw was found in the way Samba handled Any Batched requests. A remote, unauthenticated attacker could send a specially-crafted SMB packet to the Samba server, possibly resulting in arbitrary code execution with the privileges of the Samba server.
Tags: hat samba red arbitrary-code-execution samba-server red-hat-security
19:37
Secunia Security Advisory 48154
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Tags: advisory secunia security security-advisory samba

0:00
Vuln: Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow
February 22, 2012
0:00
Vuln: Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

February 21, 2012
7:36
Red Hat Security Advisory 2012-0313-03
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0313-03 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The default Samba server configuration enabled both the "wide links" and "unix extensions" options, allowing Samba clients with write access to a share to create symbolic links that point to any location on the file system. Clients connecting with CIFS UNIX extensions disabled could have such links resolved on the server, allowing them to access and possibly overwrite files outside of the share. With this update, "wide links" is set to "no" by default. In addition, the update ensures "wide links" is disabled for shares that have "unix extensions" enabled.
Tags: server unix samba server-message-block open-source-implementation samba-clients

7:36
Red Hat Security Advisory 2012-0313-03
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-0313-03 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The default Samba server configuration enabled both the "wide links" and "unix extensions" options, allowing Samba clients with write access to a share to create symbolic links that point to any location on the file system. Clients connecting with CIFS UNIX extensions disabled could have such links resolved on the server, allowing them to access and possibly overwrite files outside of the share. With this update, "wide links" is set to "no" by default. In addition, the update ensures "wide links" is disabled for shares that have "unix extensions" enabled.
Tags: server unix samba server-message-block open-source-implementation samba-clients

7:36
Red Hat Security Advisory 2012-0313-03
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2012-0313-03 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The default Samba server configuration enabled both the "wide links" and "unix extensions" options, allowing Samba clients with write access to a share to create symbolic links that point to any location on the file system. Clients connecting with CIFS UNIX extensions disabled could have such links resolved on the server, allowing them to access and possibly overwrite files outside of the share. With this update, "wide links" is set to "no" by default. In addition, the update ensures "wide links" is disabled for shares that have "unix extensions" enabled.
Tags: server unix samba server-message-block open-source-implementation samba-clients

0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
January 31, 2012
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
October 12, 2011
8:00
Bugtraq: [ MDVSA-2011:148 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2011:148 ] samba
Tags: bugtraq mdvsa samba
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
0:00
Vuln: Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
Tags: file samba mtab service-vulnerability denial-of-service
September 23, 2011
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
September 22, 2011
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
September 05, 2011
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
August 22, 2011
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
August 17, 2011
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
August 09, 2011
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
August 08, 2011
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability

August 02, 2011
19:23
Ubuntu Security Notice USN-1182-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 1182-1 - Yoshihiro Ishikawa discovered that the Samba Web Administration Tool (SWAT) was vulnerable to cross-site request forgeries (CSRF). If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration. Nobuhiro Tsuji discovered that the Samba Web Administration Tool (SWAT) did not properly sanitize its input when processing password change requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

19:23
Ubuntu Security Notice USN-1182-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1182-1 - Yoshihiro Ishikawa discovered that the Samba Web Administration Tool (SWAT) was vulnerable to cross-site request forgeries (CSRF). If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration. Nobuhiro Tsuji discovered that the Samba Web Administration Tool (SWAT) did not properly sanitize its input when processing password change requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

19:23
Ubuntu Security Notice USN-1182-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 1182-1 - Yoshihiro Ishikawa discovered that the Samba Web Administration Tool (SWAT) was vulnerable to cross-site request forgeries (CSRF). If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration. Nobuhiro Tsuji discovered that the Samba Web Administration Tool (SWAT) did not properly sanitize its input when processing password change requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
August 01, 2011
10:00
Bugtraq: [slackware-security] samba (SSA:2011-210-03)
» ‎ SecurityFocus Vulnerabilities

[slackware-security] samba (SSA:2011-210-03)
Tags: bugtraq samba ssa slackware
0:00
Vuln: Samba SWAT 'user' Field Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT 'user' Field Cross Site Scripting Vulnerability
Tags: user swat samba samba-swat cross-site-scripting vulnerability
0:00
Vuln: Samba SWAT Cross Site Request Forgery Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SWAT Cross Site Request Forgery Vulnerability
Tags: cross swat samba samba-swat forgery vulnerability
July 29, 2011
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
July 27, 2011
13:00
Bugtraq: [ MDVSA-2011:121 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2011:121 ] samba
Tags: bugtraq samba

8:27
Mandriva Linux Security Advisory 2011-121
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2011-121 - All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field.
Tags: swat samba web samba-web-administration-tool web-administration-tool mandriva-linux

8:27
Mandriva Linux Security Advisory 2011-121
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2011-121 - All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field.
Tags: swat samba web samba-web-administration-tool web-administration-tool mandriva-linux

8:27
Mandriva Linux Security Advisory 2011-121
» ‎ Packet Storm Security Misc. Files

Mandriva Linux Security Advisory 2011-121 - All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field.
Tags: swat samba web samba-web-administration-tool web-administration-tool mandriva-linux

8:26
Samba Web Administration Tool Cross Site Request Forgery
» ‎ Packet Storm Security Exploits

SWAT (Samba Web Administration Tool) in Samba versions 3.0.x through 3.5.9 suffers from a cross site request forgery vulnerability.
Tags: samba administration web samba-web-administration-tool web-administration-tool swat-samba

8:26
Samba Web Administration Tool Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

SWAT (Samba Web Administration Tool) in Samba versions 3.0.x through 3.5.9 suffers from a cross site request forgery vulnerability.
Tags: samba administration web samba-web-administration-tool web-administration-tool swat-samba

8:26
Samba Web Administration Tool Cross Site Request Forgery
» ‎ Packet Storm Security Misc. Files

SWAT (Samba Web Administration Tool) in Samba versions 3.0.x through 3.5.9 suffers from a cross site request forgery vulnerability.
Tags: samba administration web samba-web-administration-tool web-administration-tool swat-samba

June 16, 2011
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow-vulnerability remote-buffer-overflow
April 08, 2011
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
March 25, 2011
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability
March 03, 2011
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
March 02, 2011
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
March 01, 2011
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
February 28, 2011
12:00
Bugtraq: [ MDVSA-2011:038 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2011:038 ] samba
Tags: bugtraq mdvsa samba
12:00
Bugtraq: [USN-1075-1] Samba vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-1075-1] Samba vulnerability
Tags: bugtraq vulnerability samba usn
0:00
Vuln: Samba 'FD_SET' Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'FD_SET' Memory Corruption Vulnerability
Tags: samba set memory memory-corruption vulnerability
January 13, 2011
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
December 07, 2010
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
November 25, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability

November 01, 2010
22:01
scannedonly-0.21.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

22:01
scannedonly-0.21.tar.gz
» ‎ Packet Storm Security Recent Files

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

20:26
Scannedonly Samba VFS Module 0.21
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: module scannedonly samba module-0 scalability-problems vscan

October 18, 2010
8:00
Bugtraq: rPSA-2010-0066-1 samba samba-client samba-server samba-swat
» ‎ SecurityFocus Vulnerabilities

rPSA-2010-0066-1 samba samba-client samba-server samba-swat
Tags: bugtraq samba rpsa samba-swat samba-samba server-samba
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability
October 05, 2010
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
September 24, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability
September 16, 2010
11:00
Bugtraq: [SECURITY] [DSA-2109-1] New samba packages fix buffer overflow
» ‎ SecurityFocus Vulnerabilities

[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow
Tags: samba security new samba-packages new-samba buffer-overflow
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
September 15, 2010
0:00
Vuln: Samba SID Parsing Remote Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba SID Parsing Remote Buffer Overflow Vulnerability
Tags: buffer samba remote sid-parsing buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability
September 14, 2010
9:00
Bugtraq: [USN-987-1] Samba vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-987-1] Samba vulnerability
Tags: bugtraq vulnerability samba usn

0:00
Update Kills Code-Execution Threat In Samba
» ‎ Packet Storm Security Headlines

Update Kills Code-Execution Threat In Samba
Tags: code update kills code-execution samba

August 02, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability
July 28, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability

July 27, 2010
19:01
MDVSA-2010-141.txt
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues.
Tags: samba request security reply-function session-setup denial-of-service

19:00
MDVSA-2010-141.txt
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues.
Tags: samba request security reply-function session-setup denial-of-service

11:00
Bugtraq: [ MDVSA-2010:141 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2010:141 ] samba
Tags: bugtraq mdvsa samba
0:00
Vuln: Samba Multiple Remote Denial of Service Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Samba Multiple Remote Denial of Service Vulnerabilities
Tags: multiple samba remote denial-of-service vulnerabilities
July 08, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability

July 02, 2010
0:27
Samba 3.3.12 Memory Corruption Vulnerability
» ‎ SecuriTeam

Remote exploitation of a buffer overflow vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with root privileges.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerability samba memory buffer-overflow-vulnerability samba-project memory-corruption

July 01, 2010
0:00
Vuln: Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
Tags: utility samba mount samba-mount privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability
June 18, 2010
0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: memory-corruption samba vulnerability

June 17, 2010
22:01
dsa-2061-1.txt
» ‎ Packet Storm Security Advisories

Debian Linux Security Advisory 2061-1 - Jun Mao discovered that Samba, an implementation of the SMB/CIFS protocol for Unix systems, is not properly handling certain offset values when processing chained SMB1 packets. This enables an unauthenticated attacker to write to an arbitrary memory location resulting in the possibility to execute arbitrary code with root privileges or to perform denial of service attacks by crashing the samba daemon.
Tags: smb dsa samba root-privileges denial-of-service-attacks memory-location

10:00
Bugtraq: [ MDVSA-2010:119 ] samba
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2010:119 ] samba
Tags: bugtraq mdvsa samba
8:00
Bugtraq: [SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution
» ‎ SecurityFocus Vulnerabilities

[SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution
Tags: samba security package new arbitrary-code-execution samba-packages new-samba

1:00
06.16.10-1.txt
» ‎ Packet Storm Security Recent Files

iDefense Security Advisory 06.16.10 - Remote exploitation of a buffer overflow vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with root privileges. This vulnerability exists in a certain function within Samba, where an attacker could trigger a memory corruption by sending specially crafted SMB requests resulting in heap memory overwritten with attacker supplied data, which can allow attackers to execute code remotely. iDefense has confirmed the existence of this vulnerability in Samba version 3.3.12. Previous versions are suspected to be affected.Samba 3.4.0 and newer versions rewrite the whole logic of the vulnerable function and thus are not affected by this vulnerability.
Tags: vulnerability attacker samba buffer-overflow-vulnerability heap-memory idefense-security-advisory

1:00
06.16.10-1.txt
» ‎ Packet Storm Security Advisories

iDefense Security Advisory 06.16.10 - Remote exploitation of a buffer overflow vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with root privileges. This vulnerability exists in a certain function within Samba, where an attacker could trigger a memory corruption by sending specially crafted SMB requests resulting in heap memory overwritten with attacker supplied data, which can allow attackers to execute code remotely. iDefense has confirmed the existence of this vulnerability in Samba version 3.3.12. Previous versions are suspected to be affected.Samba 3.4.0 and newer versions rewrite the whole logic of the vulnerable function and thus are not affected by this vulnerability.
Tags: vulnerability attacker samba buffer-overflow-vulnerability heap-memory idefense-security-advisory

0:00
Vuln: Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Tags: smb packet samba memory-corruption vulnerability

June 08, 2010
19:00
scannedonly-0.20.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

19:00
scannedonly-0.20.tar.gz
» ‎ Packet Storm Security Recent Files

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

May 13, 2010
1:00
Samba Multiple DoS Vulnerabilities
» ‎ 1337day (was: Inj3ct0r, 1337db)

Samba Multiple DoS Vulnerabilities
Tags: multiple samba dos vulnerabilities

May 12, 2010
9:01
SS-2010-005.txt
» ‎ Packet Storm Security Recent Files

Two vulnerabilities were discovered within in the Samba Smbd daemon which allow an attacker to trigger a null pointer dereference or an uninitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of these issues will result in a denial of service. Versions 3.4.7 and below and 3.5.1 and below are affected.
Tags: txt samba null-pointer-dereference denial-of-service smbd

9:00
SS-2010-005.txt
» ‎ Packet Storm Security Exploits

Two vulnerabilities were discovered within in the Samba Smbd daemon which allow an attacker to trigger a null pointer dereference or an uninitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of these issues will result in a denial of service. Versions 3.4.7 and below and 3.5.1 and below are affected.
Tags: txt samba null-pointer-dereference denial-of-service smbd

May 11, 2010
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
0:00
Vuln: Samba 'mount.cifs' Utility Symlink Attack Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'mount.cifs' Utility Symlink Attack Local Privilege Escalation Vulnerability
Tags: utility symlink samba samba-mount privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
Tags: utility samba mount samba-mount privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: RETIRED: Samba 'mount.cifs' Utility Symlink Attack Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

RETIRED: Samba 'mount.cifs' Utility Symlink Attack Local Privilege Escalation Vulnerability
Tags: utility samba retired samba-mount privilege-escalation-vulnerability local-privilege-escalation

May 10, 2010
17:00
MDVSA-2010-090-1.txt
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues. It was discovered that the previous Samba update required libtalloc from Samba4 package. Therefore, this update provides the required packages in order to fix the issue.
Tags: samba mountpoint client mandriva-linux gain-privileges smbfs

17:00
MDVSA-2010-090-1.txt
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues. It was discovered that the previous Samba update required libtalloc from Samba4 package. Therefore, this update provides the required packages in order to fix the issue.
Tags: samba mountpoint client mandriva-linux gain-privileges smbfs

May 04, 2010
18:28
MDVSA-2010-090.txt
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.
Tags: samba mountpoint client mandriva-linux gain-privileges smbfs

18:28
MDVSA-2010-090.txt
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.
Tags: samba mountpoint client mandriva-linux gain-privileges smbfs

0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
April 07, 2010
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
April 01, 2010
15:00
Bugtraq: VMSA-2010-0006 ESX Service Console updates for samba and acpid
» ‎ SecurityFocus Vulnerabilities

VMSA-2010-0006 ESX Service Console updates for samba and acpid
Tags: console esx service acpid samba
0:00
Vuln: Samba Oplock Break Notification Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Oplock Break Notification Remote Denial of Service Vulnerability
Tags: samba break oplock service-vulnerability denial-of-service
0:00
Vuln: Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
Tags: setuid samba verbose information-disclosure-vulnerability verbose-option option-information
0:00
Vuln: Samba Format String And Security Bypass Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Samba Format String And Security Bypass Vulnerabilities
Tags: samba string format format-string
March 30, 2010
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
March 29, 2010
0:00
Vuln: Samba Oplock Break Notification Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Oplock Break Notification Remote Denial of Service Vulnerability
Tags: samba break oplock service-vulnerability denial-of-service

March 28, 2010
13:55
scannedonly-0.19.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

March 24, 2010
9:32
Bugtraq: [USN-918-1] Samba vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-918-1] Samba vulnerability
Tags: bugtraq vulnerability samba usn
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
March 11, 2010
0:00
Vuln: Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
Tags: samba override security vulnerability
March 10, 2010
0:00
Vuln: Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
Tags: samba override security vulnerability
March 01, 2010
0:00
Vuln: Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
Tags: samba remote client samba-client service-vulnerability denial-of-service
0:00
Vuln: Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
Tags: utility samba mount samba-mount privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
Tags: samba client local samba-client service-vulnerability denial-of-service
February 17, 2010
0:00
Vuln: Samba MS-RPC Remote Shell Command Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba MS-RPC Remote Shell Command Execution Vulnerability
Tags: ms-rpc samba remote remote-shell command-execution shell-command
February 16, 2010
0:00
Vuln: Samba MS-RPC Remote Shell Command Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba MS-RPC Remote Shell Command Execution Vulnerability
Tags: ms-rpc samba remote remote-shell command-execution shell-command
February 15, 2010
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
February 09, 2010
9:00
Bugtraq: RE: Samba Remote Zero-Day Exploit
» ‎ SecurityFocus Vulnerabilities

RE: Samba Remote Zero-Day Exploit
Tags: day samba remote zero-day bugtraq
February 08, 2010
15:00
Bugtraq: RE: Samba Remote Zero-Day Exploit
» ‎ SecurityFocus Vulnerabilities

RE: Samba Remote Zero-Day Exploit
Tags: day samba remote zero-day bugtraq
0:00
Vuln: Samba Symlink Directory Traversal Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Symlink Directory Traversal Vulnerability
Tags: directory symlink samba directory-traversal-vulnerability
February 05, 2010
12:00
Bugtraq: Re: Samba Remote Zero-Day Exploit
» ‎ SecurityFocus Vulnerabilities

Re: Samba Remote Zero-Day Exploit
Tags: day samba remote zero-day bugtraq
10:02
Bugtraq: Samba Remote Zero-Day Exploit
» ‎ SecurityFocus Vulnerabilities

Samba Remote Zero-Day Exploit
Tags: day samba remote zero-day bugtraq

9:00
samba-traversal.txt
» ‎ Packet Storm Security Recent Files

Samba suffers from a remote directory traversal vulnerability. A remote attacker can read, list and retrieve nearly all files on the system remotely. Required is a valid samba account for a share which is writable OR a writable share which is configured to be a guest account share, in this case this is a preauth exploit.Included is a smbclient patch that exploits this vulnerability.
Tags: account samba share directory-traversal-vulnerability preauth

9:00
samba-traversal.txt
» ‎ Packet Storm Security Exploits

Samba suffers from a remote directory traversal vulnerability. A remote attacker can read, list and retrieve nearly all files on the system remotely. Required is a valid samba account for a share which is writable OR a writable share which is configured to be a guest account share, in this case this is a preauth exploit.Included is a smbclient patch that exploits this vulnerability.
Tags: account samba share directory-traversal-vulnerability preauth

February 01, 2010
19:00
scannedonly-0.18.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

January 29, 2010
10:00
Bugtraq: [USN-893-1] Samba vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-893-1] Samba vulnerability
Tags: bugtraq vulnerability samba usn
0:00
Vuln: Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
Tags: setuid samba verbose information-disclosure-vulnerability verbose-option option-information
0:00
Vuln: Samba Oplock Break Notification Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Oplock Break Notification Remote Denial of Service Vulnerability
Tags: samba break oplock service-vulnerability denial-of-service
0:00
Vuln: Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
Tags: misconfigured samba passwd etc-passwd file-security
January 28, 2010
0:00
Vuln: Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
Tags: misconfigured samba passwd etc-passwd file-security

January 26, 2010
0:00
scannedonly-0.17.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

0:00
scannedonly-0.17.tar.gz
» ‎ Packet Storm Security Recent Files

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

January 20, 2010
10:03
scannedonly-0.16.tar.gz
» ‎ Packet Storm Security Tools

Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
Tags: samba scannedonly module scalability-problems vscan tar-gz

jetlib.sec » Tags » samba

Feeds

176 items tagged "samba"

Tags: samba dce rpc code-execution vulnerability

Tags: code-execution samba vulnerability

Tags: bugtraq mdvsa samba

Tags: samba remote security remote-security cve

Tags: samba dce rpc code-execution vulnerability

Tags: samba security dsa

Tags: samba remote security remote-security cve

Tags: server samba security server-message-block open-source-implementation samba-server

Tags: server samba security server-message-block open-source-implementation samba-server

Tags: server samba security server-message-block open-source-implementation samba-server

Tags: remote-security cve samba

Tags: samba dce rpc code-execution vulnerability

Tags: cross swat samba samba-swat forgery vulnerability

Tags: samba dce rpc code-execution vulnerability

Tags: advisory secunia security suse security-advisory samba

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba dce rpc code-execution vulnerability

Tags: samba dce rpc code-execution vulnerability

Tags: bugtraq mdvsa samba

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: samba red rpc server-message-block open-source-implementation samba-suite

Tags: advisory secunia security security-advisory samba

Tags: code-execution samba vulnerability

Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

Tags: directory symlink samba directory-traversal-vulnerability

Tags: advisory secunia security suse security-advisory samba

Tags: user swat samba samba-swat cross-site-scripting vulnerability

Tags: samba client local samba-client service-vulnerability denial-of-service

Tags: utility samba mount samba-mount privilege-escalation-vulnerability local-privilege-escalation

Tags: file samba mtab service-vulnerability denial-of-service

Tags: samba set memory memory-corruption vulnerability

Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

Tags: bugtraq mdvsa samba

Tags: samba notification ngs andx code-execution

Tags: code samba execution code-execution vulnerability

Tags: code samba execution code-execution vulnerability

Tags: code samba execution code-execution vulnerability

Tags: secunia security-advisory samba

Tags: playbook samba blackberry code-execution

Tags: playbook samba blackberry code-execution

Tags: playbook samba blackberry code-execution

Tags: notification ngs blackberry code-execution playbook samba

Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

Tags: hat samba red arbitrary-code-execution samba-server red-hat-security

Tags: advisory secunia security security-advisory samba

Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

Tags: andx request samba buffer-overflow-vulnerability based-buffer-overflow

Tags: server unix samba server-message-block open-source-implementation samba-clients

Tags: server unix samba server-message-block open-source-implementation samba-clients

Tags: server unix samba server-message-block open-source-implementation samba-clients

Tags: directory symlink samba directory-traversal-vulnerability

Tags: cross swat samba samba-swat forgery vulnerability

Tags: bugtraq mdvsa samba

Tags: samba client local samba-client service-vulnerability denial-of-service

Tags: file samba mtab service-vulnerability denial-of-service

Tags: samba client local samba-client service-vulnerability denial-of-service

Tags: user swat samba samba-swat cross-site-scripting vulnerability

Tags: user swat samba samba-swat cross-site-scripting vulnerability

Tags: user swat samba samba-swat cross-site-scripting vulnerability

Tags: cross swat samba samba-swat forgery vulnerability

Tags: samba client local samba-client service-vulnerability denial-of-service

Tags: cross swat samba samba-swat forgery vulnerability

Tags: samba client local samba-client service-vulnerability denial-of-service

Tags: user swat samba samba-swat cross-site-scripting vulnerability

Tags: cross swat samba samba-swat forgery vulnerability

Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

Tags: ubuntu samba web ishikawa samba-web-administration-tool web-administration-tool samba-configuration

Tags: user swat samba samba-swat cross-site-scripting vulnerability