Debian Linux Security Advisory 5525-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation.
796922c8109c26f29b46a6c85521b96598f1e79e22b650b1166a48c9207bd4e0Debian Linux Security Advisory 5524-1 - Kevin Backhouse discovered an out-of-bounds array access in Libcue, a library for parsing CD metadata, which could result in the execution of arbitrary code.
0dc64d4ebf0f6239a32a14b6769b865a9f52d1ecca767b643d7833243549abdbUbuntu Security Notice 6425-2 - USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. Kirin van der Veer discovered that Samba incorrectly handled certain RPC service listeners. A remote attacker could possibly use this issue to cause Samba to start multiple incompatible RPC listeners, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
0fa2c81e3cb8d54ab0638f2dd3d416aafde2a3eadc511814ef0fb1bbf0af7ed0Dawa Pharma version 1.0-2022 suffers from a remote SQL injection vulnerability.
f4e5f3b21053e45bc64dfe5a4a134118801da152919bd521c82fa9b04dad9204Lost and Found Information System version 1.0 suffers from an insecure direct object reference vulnerability that allows for account takeover.
37bf336b197bfc7b731eb17e7784ed7321a5aa6c943c3b7e16884d1780c1eca5Ubuntu Security Notice 6429-2 - USN-6429-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.
211a76272374a882b7a467a4ffd2ecb79519a76199cb3aad13e8f2d5864a2e82Clinic's Patient Management System version 1.0 suffers from a remote shell upload vulnerability.
a2bab2072f94bc92a8eb4477dbec67ab9cc1cba577230d67b8d7c8aa56a1b99d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed