VYPR

rpm package

almalinux/samba-vfs-iouring

pkg:rpm/almalinux/samba-vfs-iouring

Vulnerabilities (23)

  • CVE-2021-44141Feb 21, 2022
    affected < 4.15.5-5.el8fixed 4.15.5-5.el8

    All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this

  • CVE-2020-25717Feb 18, 2022
    affected < 4.14.5-7.el8_5fixed 4.14.5-7.el8_5

    A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

  • CVE-2016-2124Feb 18, 2022
    affected < 4.14.5-7.el8_5fixed 4.14.5-7.el8_5

    A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

Page 2 of 2