Red Hat Security Advisory 2017-2778-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
90e4d59d523bfd0324aa344e6329f791d3e861d3915594325338f11b5393a026Red Hat Security Advisory 2017-2789-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
a8cc2c9ae85665ac880ca785b563e8c299483d8d2baeccb37150982ed7663e29Red Hat Security Advisory 2017-2338-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories, in areas of the server file system not exported under the share definitions.
e2f3c035f6437815bfc98b0e784bab9e8144444eb788738a8a5bebcb101ea653HPE Security Bulletin HPESBNS03755 1 - HPE NonStop Server using Samba is vulnerable to remote code execution and remote access restriction bypass. Revision 1 of this advisory.
6264307a040e00f452b44dd1e3a75e45b9b8464c01f2410521a492ef1512dc09Red Hat Security Advisory 2017-1265-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
4098aa20948ce3f8ca4c274f5eed9f9ca798a1f08ce911aefc1cc64b5cf7492fUbuntu Security Notice 3267-1 - Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.
380cf9bf4beda1eda84eea11a36b4452ad006b1cfa8e93c8e4f2d3defff5110cSamba suffers from a symlink race that permits opening files outside of the share directory.
cbefcff5a7cc202c2a305ae0688d0de66a0ef4a9774c1d54a3d82ebf5097e489Ubuntu Security Notice 3242-1 - Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.
5721a484f007e4387e61606880abd28d54a61d5e2dee1cb56fa0c469a69361d2Debian Linux Security Advisory 3816-1 - Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition.
434a20cacd3bd0934e9033297b94d7d20538dcdd16b9aa801bbe945b0951ceb5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed