what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2018-16841

Status Candidate

Overview

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.

Related Files

Gentoo Linux Security Advisory 202003-52
Posted Mar 26, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-52 - Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Versions less than 4.11.6 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, CVE-2018-1140, CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2018-16852, CVE-2018-16853, CVE-2018-16857, CVE-2018-16860, CVE-2019-10197, CVE-2019-14861, CVE-2019-14870, CVE-2019-14902, CVE-2019-14907, CVE-2019-19344
SHA-256 | 78ecd3bc02b0f10129021084736ee7cc0c9408898c589745d90193370efe75aa
Download | Favorite | View
Slackware Security Advisory - samba Updates
Posted Nov 30, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2018-16852, CVE-2018-16853, CVE-2018-16857
SHA-256 | 671fbca86bbc5a91ba38e250555985ef427c47025b7d59bbb3bd26f4e94c089c
Download | Favorite | View
Debian Security Advisory 4345-1
Posted Nov 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4345-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2018-14629, CVE-2018-16841, CVE-2018-16851
SHA-256 | 8e8662ce6c65cf8afbe1105d2a8bdc36b597add5ac00992a1699de767fa80143
Download | Favorite | View
Ubuntu Security Notice USN-3827-2
Posted Nov 28, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3827-2 - USN-3827-1 fixed a vulnerability in samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14629, CVE-2018-16841, CVE-2018-16851
SHA-256 | 7db0d77361d81832ac500d6926d20bd91a314d5e196908f013fdb41d3ea16986
Download | Favorite | View
Ubuntu Security Notice USN-3827-1
Posted Nov 27, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3827-1 - Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. Alex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-14629, CVE-2018-16841, CVE-2018-16851
SHA-256 | 52eab17c24ac653301862d040a9c6d4c27fd54410da5479f5553da89f86b72d3
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    11 Files
  • 7
    Aug 7th
    43 Files
  • 8
    Aug 8th
    42 Files
  • 9
    Aug 9th
    36 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    27 Files
  • 13
    Aug 13th
    18 Files
  • 14
    Aug 14th
    50 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close