Package samba updated to version 3.5.22-alt0.M60P.1 for branch p6 in task 140944.

Published: 2013-12-10

BDU:2015-00382

Уязвимость программного обеспечения Samba, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (9.6) Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2013-02-02

BDU:2015-04392

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: MEDIUM (5.1)

References:

Published: 1970-01-01

BDU:2015-04393

Severity: MEDIUM (5.1)

References:

Published: 2013-08-06

BDU:2015-05647

Уязвимость функции read_nttrans_ea_list программного обеспечения для обращения к сетевым дискам Samba, связанная с целочисленным переполнением через созданные записи в таблице документа, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2013-4124

Published: 2013-08-06

BDU:2015-05648

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить доступность защищаемой информации

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05649

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05650

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05651

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05652

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05653

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05654

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05655

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05656

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05657

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05658

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05659

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05660

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05661

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05662

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05663

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05664

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05665

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05666

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05667

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 2013-08-05

BDU:2015-05668

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05669

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05670

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05671

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05672

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05673

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05674

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05675

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05676

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05677

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05678

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 1970-01-01

BDU:2015-05679

Severity: MEDIUM (5.0)

References:

CVE-2013-4124

Published: 2014-03-17

BDU:2015-06051

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.9)

References:

Published: 2010-02-26

BDU:2015-06052

References:

Published: 2014-03-17

BDU:2015-06324

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-06326

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-06507

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-06512

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-06517

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-06525

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-08944

Уязвимости операционной системы CentOS, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.9)

References:

Published: 2014-03-17

BDU:2015-08945

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-08946

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-08947

Severity: CRITICAL (10.0)

References:

Published: 2014-03-17

BDU:2015-08948

Severity: CRITICAL (10.0)

References:

Published: 2015-02-23

BDU:2015-10377

Уязвимость функции the _netr_ServerPasswordSet пакета программ сетевого взаимодействия Samba, позволяющая нарушителю выполнить произвольный код c привилегиями администратора

Severity: CRITICAL (10.0) Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2013-02-03
Modified: 2024-11-21

CVE-2013-0213

The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.

Severity: MEDIUM (5.1)

References:

Published: 2013-02-03
Modified: 2024-11-21

CVE-2013-0214

Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.

Severity: MEDIUM (5.1)

References:

Published: 2013-08-06
Modified: 2024-11-21

CVE-2013-4124

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Severity: MEDIUM (5.0)

References:

Published: 2013-12-10
Modified: 2024-11-21

CVE-2013-4408

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Severity: HIGH (8.3)

References:

Published: 2015-02-24
Modified: 2024-11-21

CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

Severity: CRITICAL (10.0)

References:

Version: 2.1.0

ALT-PU-2015-1200-1

Closed vulnerabilities