ALT-BU-2013-1439-1
Branch p7 update bulletin.
Closed vulnerabilities
BDU:2015-00382
Уязвимость программного обеспечения Samba, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-00390
Уязвимость программного обеспечения Samba, позволяющая удаленному злоумышленнику нарушить конфиденциальность и целостность защищаемой информации
BDU:2015-06049
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
BDU:2015-08932
Уязвимости операционной системы CentOS, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2012-6150
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
- FEDORA-2014-9132
- FEDORA-2014-9132
- FEDORA-2014-7672
- FEDORA-2014-7672
- SUSE-SU-2014:0024
- SUSE-SU-2014:0024
- openSUSE-SU-2016:1106
- openSUSE-SU-2016:1106
- openSUSE-SU-2016:1107
- openSUSE-SU-2016:1107
- openSUSE-SU-2013:1921
- openSUSE-SU-2013:1921
- openSUSE-SU-2014:0405
- openSUSE-SU-2014:0405
- HPSBUX03087
- HPSBUX03087
- SSRT101413
- SSRT101413
- [oss-security] 20131202 Re: CVE request: samba pam_winbind authentication fails open
- [oss-security] 20131202 Re: CVE request: samba pam_winbind authentication fails open
- RHSA-2014:0330
- RHSA-2014:0330
- GLSA-201502-15
- GLSA-201502-15
- MDVSA-2013:299
- MDVSA-2013:299
- USN-2054-1
- USN-2054-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1036897
- https://bugzilla.redhat.com/show_bug.cgi?id=1036897
- https://bugzilla.samba.org/show_bug.cgi?id=10300
- https://bugzilla.samba.org/show_bug.cgi?id=10300
- [samba-technical] 20120612 winbind pam security problem
- [samba-technical] 20120612 winbind pam security problem
- [samba-technical] 20131128 fail authentication if user isn't member of *any* require_membership_of specified groups
- [samba-technical] 20131128 fail authentication if user isn't member of *any* require_membership_of specified groups
Modified: 2024-11-21
CVE-2013-4408
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
- FEDORA-2014-9132
- FEDORA-2014-9132
- FEDORA-2014-7672
- FEDORA-2014-7672
- SUSE-SU-2014:0024
- SUSE-SU-2014:0024
- openSUSE-SU-2016:1106
- openSUSE-SU-2016:1106
- openSUSE-SU-2016:1107
- openSUSE-SU-2016:1107
- openSUSE-SU-2013:1921
- openSUSE-SU-2013:1921
- openSUSE-SU-2014:0405
- openSUSE-SU-2014:0405
- HPSBUX03087
- HPSBUX03087
- SSRT101413
- SSRT101413
- RHSA-2013:1805
- RHSA-2013:1805
- RHSA-2013:1806
- RHSA-2013:1806
- RHSA-2014:0009
- RHSA-2014:0009
- GLSA-201502-15
- GLSA-201502-15
- DSA-2812
- DSA-2812
- MDVSA-2013:299
- MDVSA-2013:299
- http://www.samba.org/samba/ftp/patches/security/samba-4.1.2-CVE-2013-4408-CVE-2012-6150.patch
- http://www.samba.org/samba/ftp/patches/security/samba-4.1.2-CVE-2013-4408-CVE-2012-6150.patch
- http://www.samba.org/samba/security/CVE-2013-4408
- http://www.samba.org/samba/security/CVE-2013-4408
- 64191
- 64191
- USN-2054-1
- USN-2054-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-3628
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
- http://www.exploit-db.com/exploits/29321
- http://www.exploit-db.com/exploits/29321
- http://www.securityfocus.com/bid/63453
- http://www.securityfocus.com/bid/63453
- https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one
- https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one
- https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
- https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
Package altlinux-mime-defaults updated to version 0.27-alt1 for branch p7 in task 110327.
Closed bugs
Снизить приоритет mplayer* для video/*
DeaDBeeF ассоциации аудио-файлов
Closed vulnerabilities
No data currently available.
No data currently available.