Gentoo Linux Security Advisory 201612-47 - Multiple vulnerabilities have been found in Samba, the worst of which may allow execution of arbitrary code with root privileges. Versions less than 4.2.11 are affected.
a90feb7fa58b657e989e89a4f6c40472eeed2dc783afe5dad3b3e0c77040f948Ubuntu Security Notice 2855-2 - USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem.
7086d756a9e42b4c4cfa8d6023f2eaf650513adb4854120cd3732d1c818288b0Red Hat Security Advisory 2016-0009-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb, would cause that application to consume an excessive amount of memory and crash. A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server.
7744b8e0626a8901ae916b7e2470b53a173f787163b7b9145e30b729863d1beaRed Hat Security Advisory 2016-0014-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb, would cause that application to consume an excessive amount of memory and crash. A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server.
b68687782b26d57dd2c5e68c3efd3463fe80d9a646ae0980128e2a9152d079f3Ubuntu Security Notice 2856-1 - Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. Douglas Bagnall discovered that ldb incorrectly handled certain string lengths. A remote attacker could use this issue to possibly access sensitive information from memory of applications using ldb, such as Samba. Various other issues were also addressed.
06bff63b4bcbbd739e856db003c4656d0fe21fde784af34dc73fb6bb7e9d35aeUbuntu Security Notice 2855-1 - Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. Jan Kasprzak discovered that Samba incorrectly handled certain symlinks. A remote attacker could use this issue to access files outside the exported share path. Various other issues were also addressed.
18d6b6eab4573732c5916ffb8324e2969fbb471ee55086f434a7c90629cc7e91Debian Linux Security Advisory 3433-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
da40f13d97d8facd68b0ff64d9a27c59443e12f77dc68a7c5873f1d049f3cd63
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed