VYPR

rpm package

suse/samba-doc&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP3

pkg:rpm/suse/samba-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3

Vulnerabilities (4)

  • CVE-2015-5330HigDec 29, 2015
    affected < 3.6.3-64.1fixed 3.6.3-64.1

    ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1

  • CVE-2015-5299MedDec 29, 2015
    affected < 3.6.3-64.1fixed 3.6.3-64.1

    The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by

  • CVE-2015-5296MedDec 29, 2015
    affected < 3.6.3-64.1fixed 3.6.3-64.1

    Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to

  • CVE-2015-5252HigDec 29, 2015
    affected < 3.6.3-64.1fixed 3.6.3-64.1

    vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.