rpm package
suse/talloc&distro=SUSE Linux Enterprise Software Development Kit 12
pkg:rpm/suse/talloc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8467 | Hig | 7.5 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticate |
| CVE-2015-5330 | Hig | 7.5 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1 |
| CVE-2015-5299 | Med | 5.3 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by |
| CVE-2015-5296 | Med | 5.4 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to |
| CVE-2015-5252 | Hig | 7.2 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share. |
| CVE-2015-3223 | Med | 5.3 | | < 2.1.5-3.4.1 | 2.1.5-3.4.1 | Dec 29, 2015 | The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) |