Gentoo Linux Security Advisory 201206-29 - Multiple vulnerabilities were found in mount-cifs, the worst of which leading to privilege escalation. Versions less than 3.4.6 are affected.
aec8dbbc16f75047942983e84a3b0014380e54e4ec733595b3b7b9ad80ab33d5VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.
e35a8f609b986bb8b2fc490b895224847eba088cf1f87974f9bc5820e0c3c589Red Hat Security Advisory 2011-1219-01 - Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting flaw was found in the password change page of the Samba Web Administration Tool. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's SWAT session. It was found that SWAT web pages did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user.
5937696c9bd55e106006e37ce7137dfe26a1fa85701c6b3b20738adf722591c2Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues. It was discovered that the previous Samba update required libtalloc from Samba4 package. Therefore, this update provides the required packages in order to fix the issue.
5d3e9ae410d746e54c09b0cc3c671084391f0edab02e963789588bce134a392eMandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.
ccfda0113d596bf024ec0360c4b46676053de6e3625e6ae746bb90f51efa9c31Debian Linux Security Advisory 2004-1 - Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix.
da19232c162776c736a03d1a16ac798f1539e38b97c6a1ae2359ab73c0156ab0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed