Gentoo Linux Security Advisory 202309-6 - Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected.
6a49581d3fdfb4a2202121f6c5b6544b859edc2a8b279089f9dbccf4ce66b153Ubuntu Security Notice 5174-2 - USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. This update fixes the problem.
94cb64ff0292b0a999aaa0506f608776fc641f072e85a0d0123da728e800bdffUbuntu Security Notice 5142-3 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Various other issues were also addressed.
c2c8fcea9831797fd889f4570b8becd0d331cdb36d976a471a6dba4dad44aa41Ubuntu Security Notice 5142-2 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups.
60ab885b043b1a4da1c403e7daee521f43b6fd29bf4dfb92a58090f1096a405dUbuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
25c5c900f4302b24fc3b0236ad0320fa6c9153a96b6a27157cc077591a889f60Debian Linux Security Advisory 5003-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
0a7a09e04fa990a7673cc76314010ed6afc0c0ce0c674ddd1e882aa9f5c1973aUbuntu Security Notice 5142-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos tickets issues by an RODC. An RODC could print administrator tickets, contrary to expectations. Various other issues were also addressed.
61f1542773f3e13406c8cb0829dff2a3c2436272d81dd4de2c0b0a2767455f98
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed