rpm package
suse/samba&distro=SUSE Linux Enterprise High Availability Extension 12 SP3
pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14746 | Cri | 9.8 | < 4.6.9+git.59.c2cff9cea4c-3.17.1 | 4.6.9+git.59.c2cff9cea4c-3.17.1 | Nov 27, 2017 | Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. | |
| CVE-2017-11103 | Hig | 8.1 | < 4.6.7+git.38.90b2cdb4f22-3.7.1 | 4.6.7+git.38.90b2cdb4f22-3.7.1 | Jul 13, 2017 | Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encr |
- affected < 4.6.9+git.59.c2cff9cea4c-3.17.1fixed 4.6.9+git.59.c2cff9cea4c-3.17.1
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
- affected < 4.6.7+git.38.90b2cdb4f22-3.7.1fixed 4.6.7+git.38.90b2cdb4f22-3.7.1
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encr
Page 2 of 2