exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2015-7560

Status Candidate

Overview

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Related Files

HP Security Bulletin HPSBUX03596 2
Posted Mar 20, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03596 2 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 2 of this advisory.

tags | advisory, remote
systems | hpux
advisories | CVE-2015-7560
SHA-256 | d841f519b91c644cd53e085dff736d033e160d2adae9e3588ae69a1f6ed05cb1
HP Security Bulletin HPSBUX03596 1
Posted May 11, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03596 1 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 1 of this advisory.

tags | advisory, remote
systems | hpux
advisories | CVE-2015-7560
SHA-256 | e898f5880922ffdf8c30a8d319996d5b29645af69d70eea364258818e0e6290d
Red Hat Security Advisory 2016-0448-01
Posted Mar 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0448-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-7560
SHA-256 | 15d147d8d83d27cf556cc71cfa5cc4d17d4728306a2f0d315076306fc5e40e6c
Red Hat Security Advisory 2016-0447-01
Posted Mar 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0447-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-7560
SHA-256 | 923dda42fd4658ae20209c787b6e151a963069dec6dc7f25f2593acbe816c718
Red Hat Security Advisory 2016-0449-01
Posted Mar 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0449-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-7560
SHA-256 | bbb0b6e602d7adb691e204774af0b9fd29e7eb20e1030e6bf5472e34d52eb0e6
Debian Security Advisory 3514-1
Posted Mar 14, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3514-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2015-7560, CVE-2016-0771
SHA-256 | 2e1edc4684862c32448efa8de999e75547d374c6933165ec33ac77249bf6d9eb
Slackware Security Advisory - samba Updates
Posted Mar 8, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7560, CVE-2016-0771
SHA-256 | 274d84c171279ccff7e3225ed2dbe4dbf2aa420514a84b8855d2dd0bc9b90adf
Ubuntu Security Notice USN-2922-1
Posted Mar 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2922-1 - Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly obtain uninitialized memory contents. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0213, CVE-2013-0214, CVE-2015-7560, CVE-2016-0771
SHA-256 | d89321fe54aaae2fee8ac4126b5ed1dd4b4a026fe607daad51d94d265b82ac95
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close