Displaying 20 results from an estimated 20000 matches similar to: "[Announce] Samba 4.1.11 and 4.0.21 Security Releases Available"
2011 Feb 28
5
[Announce] Samba 3.5.7, 3.4.12 and 3.3.15 Security Releases Available
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the
2011 Feb 28
5
[Announce] Samba 3.5.7, 3.4.12 and 3.3.15 Security Releases Available
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the
2011 Jul 26
1
[Announce] Samba 3.5.10, 3.4.14 and 3.3.16 Security Releases Available
Release Announcements
=====================
Samba 3.5.10, 3.4.14 and 3.3.16 are security releases in order to
address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
o CVE-2011-2522:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site request forgery.
o CVE-2011-2694:
2011 Jul 26
1
[Announce] Samba 3.5.10, 3.4.14 and 3.3.16 Security Releases Available
Release Announcements
=====================
Samba 3.5.10, 3.4.14 and 3.3.16 are security releases in order to
address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
o CVE-2011-2522:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 are affected by a cross-site request forgery.
o CVE-2011-2694:
2012 Apr 10
3
[Announce] Samba 3.6.4, 3.5.14 and 3.4.16 Security Releases Available
Release Announcements
=====================
Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to
address CVE-2012-1182.
o CVE-2012-1182:
Samba 3.0.x to 3.6.3 are affected by a
vulnerability that allows remote code
execution as the "root" user.
Changes:
--------
o Stefan Metzmacher <metze at samba.org>
*BUG 8815: PIDL based autogenerated code allows
2012 Apr 10
3
[Announce] Samba 3.6.4, 3.5.14 and 3.4.16 Security Releases Available
Release Announcements
=====================
Samba 3.6.4, 3.5.14 and 3.4.16 are security releases in order to
address CVE-2012-1182.
o CVE-2012-1182:
Samba 3.0.x to 3.6.3 are affected by a
vulnerability that allows remote code
execution as the "root" user.
Changes:
--------
o Stefan Metzmacher <metze at samba.org>
*BUG 8815: PIDL based autogenerated code allows
2010 Sep 14
1
[Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Release Announcements
=====================
These are a security releases in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of
2010 Sep 14
1
[Announce] Samba 3.5.5, 3.4.9 and 3.3.14 Security Releases Available
Release Announcements
=====================
These are a security releases in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of
2022 Dec 15
1
[Announce] Samba 4.17.4, 4.16.8 and 4.15.13 Security Releases are available for Download
Release Announcements
---------------------
This are security releases in order to address the following defects:
o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos
????????????????? RC4-HMAC Elevation of Privilege Vulnerability
????????????????? disclosed by Microsoft on Nov 8 2022.
????????????????? A Samba Active Directory DC will issue weak rc4-hmac
?????????????????
2022 Dec 15
1
[Announce] Samba 4.17.4, 4.16.8 and 4.15.13 Security Releases are available for Download
Release Announcements
---------------------
This are security releases in order to address the following defects:
o CVE-2022-37966: This is the Samba CVE for the Windows Kerberos
????????????????? RC4-HMAC Elevation of Privilege Vulnerability
????????????????? disclosed by Microsoft on Nov 8 2022.
????????????????? A Samba Active Directory DC will issue weak rc4-hmac
?????????????????
2014 Oct 20
0
[Announce] Samba 4.1.13 Available for Download
=====================================================================
"I'm not insane. My mother had me tested!"
Sheldon, Big Bang Theory
=====================================================================
Release Announcements
---------------------
This is the latest stable release of Samba 4.1.
Changes since 4.1.12:
---------------------
o Michael Adam
2014 Oct 20
0
[Announce] Samba 4.1.13 Available for Download
=====================================================================
"I'm not insane. My mother had me tested!"
Sheldon, Big Bang Theory
=====================================================================
Release Announcements
---------------------
This is the latest stable release of Samba 4.1.
Changes since 4.1.12:
---------------------
o Michael Adam
2008 May 28
4
CVE-2008-1105 - Boundary failure when parsing SMB responses
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Boundary failure when parsing SMB responses
== can result in a buffer overrun
==
== CVE ID#: CVE-2008-1105
==
== Versions: Samba 3.0.0 - 3.0.29 (inclusive)
==
== Summary: Specifically crafted SMB responses can result
== in a heap overflow
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2008 Nov 27
2
[Announce] Samba 3.2.5 Available for Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Release Announcements
=====================
This is a security release in order to address CVE-2008-4314 ("Potential leak of
arbitrary memory contents").
o CVE-2008-4314
Samba 3.0.29 to 3.2.4 can potentially leak
arbitrary memory contents to malicious
clients.
The original security announcement for this and past
2016 May 12
2
Openssl vulnerability
Hi Team,
I have a centos 7 running server with openssl version openssl-1.0.1e-51.el7_2.4.x86_64, I have received a set of vulnerability from security team, can anyone tell me as per below CVE do I need to update my openssl version to 1.0.1t? Or the current version which we have is safe.
CVE-2016-0701, CVE-2015-3197
CVE-2015-4000
CVE-2015-0204
CVE-2015-0286, CVE-2015-0287, CVE-2015-0289,
2018 Mar 13
2
[Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download
Release Announcements
---------------------
These are security release in order to address the following defects:
o CVE-2018-1050 (Denial of Service Attack on external print server.)
o CVE-2018-1057 (Authenticated users can change other users' password.)
=======
Details
=======
o CVE-2018-1050:
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
service attack
2018 Mar 13
2
[Announce] Samba 4.7.6, 4.6.14 and 4.5.16 Security Releases Available for Download
Release Announcements
---------------------
These are security release in order to address the following defects:
o CVE-2018-1050 (Denial of Service Attack on external print server.)
o CVE-2018-1057 (Authenticated users can change other users' password.)
=======
Details
=======
o CVE-2018-1050:
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
service attack
2015 Apr 27
5
Centos security update
Thanks for the replies. The tool that we used for testing the security
vulnerability is "Nessus".
I have glibc version 2.17-78.el7, I saw that CVE-2015-0235 (Ghost) is fixed
in this version and I want to apply patch for the vulnerbailities
CVE-2015-1472 & CVE-2015-1473. Can you please help me in finding the right
version that has fixes for these?
Thanks
On Sat, Apr 25, 2015 at
2024 Jan 23
1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)
You might find RedHat's CVE page on this useful:
https://access.redhat.com/security/cve/cve-2023-48795
On Tue, Jan 23, 2024 at 10:04?AM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:
> Hi,
>
> I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise
> Linux release 8.7 (Ootpa). The details are as follows.
>
> # rpm -qa | grep openssh
>