similar to: Urgent, Security: Privilege Escalation in 3.0.24?

Hello, I'm trying to set the final permissions of my shares because we comes from an old samba managed by IP, and I've noticed that when I create a new file it has the default user group (Domain Users) instead the default configured group. I've used chown and chmod g+s to do it, and when I create a new file in that folder from terminal it keepts the group, but when I create a new file

> Hello- > > I upgraded Samba from 4.6 to 4.8 on a FreeBSD 11.2 server. After the > upgrade, users cannot access the HOME folder share but they can access > other shares just fine. > > I am using the RID backend on this member server that connects to Windows- > based domain controllers. I apologize for the lengthy smb4.conf but here > it is: > [ ...snip... ] >

Hello- I upgraded Samba from 4.6 to 4.8 on a FreeBSD 11.2 server. After the upgrade, users cannot access the HOME folder share but they can access other shares just fine. I am using the RID backend on this member server that connects to Windows-based domain controllers. I apologize for the lengthy smb4.conf but here it is: #======================= Global Settings

Hi Does somebody know the workaround I have some users, who are able to log in to dovecot but others not.... even the failpermissions in directories are same. Also mbox folder is excatly same mail Some settings in /etc/dovecot.conf first_valid_uid = 500 last_valid_uid = 1500 first_valid_gid = 500 last_valid_gid = 515 default_mail_env = mbox:~/mail:INBOX=/var/spool/mail/%u So the

Thanks L.P.H and Rowland, I've just tested the L.P.H solution and after reboot I'm able to authenticate with the member server without problem. Is slow listing folders with much objects but works (maybe happened always). Here's my smb.conf: [global] workgroup = DOMAIN security = ADS realm = DOMAIN.COM server role = member server dedicated keytab file = /etc/krb5.keytab kerberos

Hi everyone. I'm encountering problems with the management of the id of the users, in the DC and in the domain members (RFC2370). I'm using Samba Version 4.2.10-Debian on Debian8.5. This is the DC configuration / result. root at samba4:/var/lib/samba# cat /etc/samba/smb.conf |grep -v '#' [global] workgroup = MYNET realm = ad.mynet.lan netbios name = SAMBA4 server

I know this question has been posed over and over (and over) again, but I'm at my wit's end. I've dug into the Samba docs, Gentoo specific docs, and PAM docs, and Googled the heck out of it... In any event, I'm running Gentoo 2006.0 (just built) running kernel 2.6.15 and Samba 3.0.21b. I'm 'trying' to set up a simple file server with SSO capabilities to a 2K AD

Anybody else seen this one? We're running Dovecot 1.0.rc7 on a different port on our live server (we're generally live with 1.0.beta5) and after a HUP to reload the user database (in a passwd-file) this morning we got:- > dovecot: Sep 22 07:45:05 Info: IMAP 14482 someuser xxx.xxx.xxx.xxx : Disconnected in IDLE > dovecot: Sep 22 07:45:05 Warning: imap-login: SSL_read() syscall

tags 446771 + patch thanks Hi, attached is a patch to fix this if you don't already have one. Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: CVE-2007-4993.patch Type: text/x-diff Size: 4742

Package: xen-unstable Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2008-0928[0]: | Qemu 0.9.1 and earlier does not perform range checks for block device | read or write requests, which allows guest host users with root | privileges to access arbitrary memory and escape the virtual machine. If you fix

From: "Richard W.M. Jones" <rjones at redhat.com> CVE-2011-4127 is a serious qemu & kernel privilege escalation bug found by Paolo Bonzini. http://seclists.org/oss-sec/2011/q4/536 An untrusted guest kernel is able to issue special SG_IO ioctls on virtio devices which qemu passes through to the host kernel without filtering or sanitizing. These ioctls allow raw sectors from

Source: xen Version: 4.1.2-2 Severity: critical Tags: security Justification: allows PV domains to escape into the dom0 context Hi, I realize you're most likely pretty well aware of that problem already, but Debian's Xen versions are vulnerable to a PV privilege escalation [1]. The issue is tracked as CVE-2012-0217 and public as of today. Therefore I am filing this bug for coordination

Hi, I found an advisory (http://www.intel.com/support/network/sb/CS-023726.htm) from intel for their LAN driver for the eepro100 and gigabit network cards. Is the FreeBSD em driver in any way affected by this problem? Looks like it is at least derived from the intel driver. greetings, philipp wuensche

Hi - Looking at https://news.ycombinator.com/item?id=5703758 I have just tried this on a fully patched 6.4 box and it seems vulnerable - Do other see the same? thanks

On 10 May 2011 16:10, "Jamie Landeg Jones" <jamie@bishopston.net> wrote: > > > It used to confuzzle sysadmins on SUNos when the mount point was > > 0700. The underlying mode disapeared when the mount was made, but it > > was still being enforced. Suddenly no one but root could use say /usr > > even though it was apparently 0755 > > I remember that

Do we know if this bug affects Centos? http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge The article states that it affects kernel 2.6.39 and above, but since RH backports so much stuff I'm not sure if this would actually include the Centos kernels. -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~

Package: xen-3.0 Version: 3.0.3-0-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3.0. CVE-2007-4993[0]: | pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest | domain, allows local users with elevated privileges in the guest domain to | execute arbitrary commands in domain 0 via a crafted grub.conf

Package: xen-unstable Severity: grave Tags: security Justification: user security hole Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2008-2004[0]: | The drive_init function in QEMU 0.9.1 determines the format of a raw | disk image based on the header, which allows local guest users to read | arbitrary files on the host by modifying the

Affected product: Dovecot IMAP Server Internal reference: DOV-5320 Vulnerability type: Improper Access Control (CWE-284) Vulnerable version: 2.2 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed in main Researcher credits: Julian Brook (julezman) Vendor notification: 2022-05-06 CVE reference: CVE-2022-30550 CVSS: 6.8

Affected product: Dovecot IMAP Server Internal reference: DOV-5320 Vulnerability type: Improper Access Control (CWE-284) Vulnerable version: 2.2 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed in main Researcher credits: Julian Brook (julezman) Vendor notification: 2022-05-06 CVE reference: CVE-2022-30550 CVSS: 6.8