exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2023-3961

Status Candidate

Overview

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.

Related Files

Gentoo Linux Security Advisory 202402-28
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2018-14628, CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670
SHA-256 | c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12
Download | Favorite | View
Red Hat Security Advisory 2024-0119-03
Posted Jan 11, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0119-03 - An update for libxml2 is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-39615
SHA-256 | d1d194560e7ff07e8a6dd0fdc23f5f1b94bc767e45abb77031aceeaa6e303183
Download | Favorite | View
Red Hat Security Advisory 2023-7747-03
Posted Dec 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7747-03 - An update for libxml2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-39615
SHA-256 | cf0ed73dffc335484b496c5c29643c9bc05b7f3be3c4430ae99015d46b35e1a2
Download | Favorite | View
Red Hat Security Advisory 2023-7544-01
Posted Nov 29, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7544-01 - An update for libxml2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-39615
SHA-256 | 09439786cb31755a3a1040e7832c1031fd61a62ed7a0ba691242122284121725
Download | Favorite | View
Red Hat Security Advisory 2023-7467-01
Posted Nov 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7467-01 - An update for samba is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | 5e70af2312295b1b0ca486b20e09ebe94e6f89064e7c4c3770f0bdec3ad9fadf
Download | Favorite | View
Red Hat Security Advisory 2023-7464-01
Posted Nov 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7464-01 - An update for samba is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | a0770b85c2510927a2e9af35426ec77edecaa48a7db9d7a3236b379c6521feb2
Download | Favorite | View
Red Hat Security Advisory 2023-7408-01
Posted Nov 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7408-01 - An update for samba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | bab361794e0de30d927a13401bc5e34f0a717ba134aab4f6fa356b379239fe0f
Download | Favorite | View
Red Hat Security Advisory 2023-7371-01
Posted Nov 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7371-01 - An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | 6aa7e78c8d8f765e55758a9a76b6ed41f377419b694e8a55417f1caa1b82780e
Download | Favorite | View
Red Hat Security Advisory 2023-6744-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6744-01 - An update for samba is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | 4d1a02ed953c30bd88259a04d03171a4ab6e1fe7fd8a0f0ccd6df0f0a5c17892
Download | Favorite | View
Red Hat Security Advisory 2023-6209-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6209-01 - An update for samba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3961
SHA-256 | b0df89e875cefc947283422f90dc9c013a9e0c2fbe248d6ed72eb7d474462886
Download | Favorite | View
Debian Security Advisory 5525-1
Posted Oct 12, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5525-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, unix, debian
advisories | CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670
SHA-256 | 796922c8109c26f29b46a6c85521b96598f1e79e22b650b1166a48c9207bd4e0
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    28 Files
  • 17
    Oct 17th
    23 Files
  • 18
    Oct 18th
    10 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    5 Files
  • 22
    Oct 22nd
    12 Files
  • 23
    Oct 23rd
    23 Files
  • 24
    Oct 24th
    9 Files
  • 25
    Oct 25th
    10 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close