rpm package
suse/samba&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25720 | Hig | 7.5 | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Nov 17, 2024 | A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because t | |
| CVE-2023-4154 | — | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 7, 2023 | A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, inc | ||
| CVE-2023-42669 | — | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 6, 2023 | A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with on | ||
| CVE-2023-3961 | — | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic | ||
| CVE-2023-42670 | — | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for | ||
| CVE-2023-4091 | — | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client reque | ||
| CVE-2023-34968 | — | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Jul 20, 2023 | A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request | ||
| CVE-2023-34967 | — | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Jul 20, 2023 | A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in th | ||
| CVE-2023-34966 | — | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Jul 20, 2023 | An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements | ||
| CVE-2023-3347 | — | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Jul 20, 2023 | A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to per | ||
| CVE-2022-2127 | — | < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | 4.17.9+git.367.dae41ffdd1f-150500.3.5.1 | Jul 20, 2023 | An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to |
- affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because t
- CVE-2023-4154Nov 7, 2023affected < 4.17.9+git.421.abde31ca5c2-150500.3.11.1fixed 4.17.9+git.421.abde31ca5c2-150500.3.11.1
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, inc
- CVE-2023-42669Nov 6, 2023affected < 4.17.9+git.421.abde31ca5c2-150500.3.11.1fixed 4.17.9+git.421.abde31ca5c2-150500.3.11.1
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with on
- CVE-2023-3961Nov 3, 2023affected < 4.17.9+git.421.abde31ca5c2-150500.3.11.1fixed 4.17.9+git.421.abde31ca5c2-150500.3.11.1
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic
- CVE-2023-42670Nov 3, 2023affected < 4.17.9+git.421.abde31ca5c2-150500.3.11.1fixed 4.17.9+git.421.abde31ca5c2-150500.3.11.1
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for
- CVE-2023-4091Nov 3, 2023affected < 4.17.9+git.421.abde31ca5c2-150500.3.11.1fixed 4.17.9+git.421.abde31ca5c2-150500.3.11.1
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client reque
- CVE-2023-34968Jul 20, 2023affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request
- CVE-2023-34967Jul 20, 2023affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in th
- CVE-2023-34966Jul 20, 2023affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements
- CVE-2023-3347Jul 20, 2023affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to per
- CVE-2022-2127Jul 20, 2023affected < 4.17.9+git.367.dae41ffdd1f-150500.3.5.1fixed 4.17.9+git.367.dae41ffdd1f-150500.3.5.1
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to