CRITICAL10.0
Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
Severity:
Closed issues (20)
CRITICAL10.0
Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL10.0
Уязвимости операционной системы Red Hat Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CCRITICAL9.3
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
- http://marc.info/?l=bugtraq&m=104792646416629&w=2
- http://marc.info/?l=bugtraq&m=104792723017768&w=2
- http://marc.info/?l=bugtraq&m=104801012929374&w=2
- http://secunia.com/advisories/8299
- http://secunia.com/advisories/8303
- http://www.debian.org/security/2003/dsa-262
- http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
- http://www.kb.cert.org/vuls/id/298233
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
- http://www.novell.com/linux/security/advisories/2003_016_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-095.html
- http://www.redhat.com/support/errata/RHSA-2003-096.html
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/317145/30/25220/threaded
- http://www.securityfocus.com/archive/1/317145/30/25220/threaded
- http://www.securityfocus.com/bid/7106
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552
- ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
- http://marc.info/?l=bugtraq&m=104792646416629&w=2
- http://marc.info/?l=bugtraq&m=104792723017768&w=2
- http://marc.info/?l=bugtraq&m=104801012929374&w=2
- http://secunia.com/advisories/8299
- http://secunia.com/advisories/8303
- http://www.debian.org/security/2003/dsa-262
- http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
- http://www.kb.cert.org/vuls/id/298233
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
- http://www.novell.com/linux/security/advisories/2003_016_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-095.html
- http://www.redhat.com/support/errata/RHSA-2003-096.html
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/317145/30/25220/threaded
- http://www.securityfocus.com/archive/1/317145/30/25220/threaded
- http://www.securityfocus.com/bid/7106
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A552
LOW1.2
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
CVSS 2.0LOW 1.2
CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:P/A:NReferences
- ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
- http://marc.info/?l=bugtraq&m=104792646416629&w=2
- http://marc.info/?l=bugtraq&m=104801012929374&w=2
- http://secunia.com/advisories/8299
- http://secunia.com/advisories/8303
- http://www.debian.org/security/2003/dsa-262
- http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
- http://www.novell.com/linux/security/advisories/2003_016_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-095.html
- http://www.redhat.com/support/errata/RHSA-2003-096.html
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/bid/7107
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A554
- ftp://patches.sgi.com/support/free/security/advisories/20030302-01-I
- http://marc.info/?l=bugtraq&m=104792646416629&w=2
- http://marc.info/?l=bugtraq&m=104801012929374&w=2
- http://secunia.com/advisories/8299
- http://secunia.com/advisories/8303
- http://www.debian.org/security/2003/dsa-262
- http://www.gentoo.org/security/en/glsa/glsa-200303-11.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:032
- http://www.novell.com/linux/security/advisories/2003_016_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-095.html
- http://www.redhat.com/support/errata/RHSA-2003-096.html
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/archive/1/316165/30/25370/threaded
- http://www.securityfocus.com/bid/7107
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A554
CRITICAL10.0
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- http://marc.info/?l=bugtraq&m=104973186901597&w=2
- http://marc.info/?l=bugtraq&m=104974612519064&w=2
- http://www.debian.org/security/2003/dsa-280
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:044
- http://www.redhat.com/support/errata/RHSA-2003-137.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564
- http://marc.info/?l=bugtraq&m=104973186901597&w=2
- http://marc.info/?l=bugtraq&m=104974612519064&w=2
- http://www.debian.org/security/2003/dsa-280
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:044
- http://www.redhat.com/support/errata/RHSA-2003-137.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564
CRITICAL10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624
- http://marc.info/?l=bugtraq&m=104972664226781&w=2
- http://marc.info/?l=bugtraq&m=104974612519064&w=2
- http://marc.info/?l=bugtraq&m=104981682014565&w=2
- http://marc.info/?l=bugtraq&m=104994564212488&w=2
- http://www.debian.org/security/2003/dsa-280
- http://www.digitaldefense.net/labs/advisories/DDI-1013.txt
- http://www.kb.cert.org/vuls/id/267873
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:044
- http://www.novell.com/linux/security/advisories/2003_025_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-137.html
- http://www.securityfocus.com/bid/7294
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567
- ftp://patches.sgi.com/support/free/security/advisories/20030403-01-P
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000624
- http://marc.info/?l=bugtraq&m=104972664226781&w=2
- http://marc.info/?l=bugtraq&m=104974612519064&w=2
- http://marc.info/?l=bugtraq&m=104981682014565&w=2
- http://marc.info/?l=bugtraq&m=104994564212488&w=2
- http://www.debian.org/security/2003/dsa-280
- http://www.digitaldefense.net/labs/advisories/DDI-1013.txt
- http://www.kb.cert.org/vuls/id/267873
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:044
- http://www.novell.com/linux/security/advisories/2003_025_samba.html
- http://www.redhat.com/support/errata/RHSA-2003-137.html
- http://www.securityfocus.com/bid/7294
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2163
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A567
CRITICAL10.0
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
- http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
- http://secunia.com/advisories/13453/
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
- http://www.debian.org/security/2005/dsa-701
- http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
- http://www.kb.cert.org/vuls/id/226184
- http://www.novell.com/linux/security/advisories/2004_45_samba.html
- http://www.redhat.com/support/errata/RHSA-2005-020.html
- http://www.samba.org/samba/security/CAN-2004-1154.html
- http://www.securityfocus.com/bid/11973
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
- http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
- http://secunia.com/advisories/13453/
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
- http://www.debian.org/security/2005/dsa-701
- http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
- http://www.kb.cert.org/vuls/id/226184
- http://www.novell.com/linux/security/advisories/2004_45_samba.html
- http://www.redhat.com/support/errata/RHSA-2005-020.html
- http://www.samba.org/samba/security/CAN-2004-1154.html
- http://www.securityfocus.com/bid/11973
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
CRITICAL9.3
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CReferences
- http://bugs.gentoo.org/show_bug.cgi?id=200773
- http://docs.info.apple.com/article.html?artnum=307430
- http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
- http://lists.vmware.com/pipermail/security-announce/2008/000005.html
- http://marc.info/?l=bugtraq&m=120524782005154&w=2
- http://secunia.com/advisories/27760
- http://secunia.com/advisories/27894
- http://secunia.com/advisories/27977
- http://secunia.com/advisories/27993
- http://secunia.com/advisories/27999
- http://secunia.com/advisories/28003
- http://secunia.com/advisories/28028
- http://secunia.com/advisories/28029
- http://secunia.com/advisories/28037
- http://secunia.com/advisories/28067
- http://secunia.com/advisories/28089
- http://secunia.com/advisories/28891
- http://secunia.com/advisories/29032
- http://secunia.com/advisories/29341
- http://secunia.com/advisories/30484
- http://secunia.com/advisories/30835
- http://secunia.com/secunia_research/2007-99/advisory/
- http://security.gentoo.org/glsa/glsa-200712-10.xml
- http://securityreason.com/securityalert/3438
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-520.htm
- http://www.debian.org/security/2007/dsa-1427
- http://www.kb.cert.org/vuls/id/438395
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:244
- http://www.novell.com/linux/security/advisories/2007_68_samba.html
- http://www.redhat.com/support/errata/RHSA-2007-1114.html
- http://www.redhat.com/support/errata/RHSA-2007-1117.html
- http://www.samba.org/samba/security/CVE-2007-6015.html
- http://www.securityfocus.com/archive/1/484818/100/0/threaded
- http://www.securityfocus.com/archive/1/484825/100/0/threaded
- http://www.securityfocus.com/archive/1/484827/100/0/threaded
- http://www.securityfocus.com/archive/1/485144/100/0/threaded
- http://www.securityfocus.com/archive/1/488457/100/0/threaded
- http://www.securityfocus.com/bid/26791
- http://www.securitytracker.com/id?1019065
- http://www.ubuntu.com/usn/usn-556-1
- http://www.us-cert.gov/cas/techalerts/TA08-043B.html
- http://www.vupen.com/english/advisories/2007/4153
- http://www.vupen.com/english/advisories/2008/0495/references
- http://www.vupen.com/english/advisories/2008/0637
- http://www.vupen.com/english/advisories/2008/0859/references
- http://www.vupen.com/english/advisories/2008/1712/references
- http://www.vupen.com/english/advisories/2008/1908
- http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38965
- https://issues.rpath.com/browse/RPL-1976
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605
- https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html
- https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html
- http://bugs.gentoo.org/show_bug.cgi?id=200773
- http://docs.info.apple.com/article.html?artnum=307430
- http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html
- http://lists.vmware.com/pipermail/security-announce/2008/000005.html
- http://marc.info/?l=bugtraq&m=120524782005154&w=2
- http://secunia.com/advisories/27760
- http://secunia.com/advisories/27894
- http://secunia.com/advisories/27977
- http://secunia.com/advisories/27993
- http://secunia.com/advisories/27999
- http://secunia.com/advisories/28003
- http://secunia.com/advisories/28028
- http://secunia.com/advisories/28029
- http://secunia.com/advisories/28037
- http://secunia.com/advisories/28067
- http://secunia.com/advisories/28089
- http://secunia.com/advisories/28891
- http://secunia.com/advisories/29032
- http://secunia.com/advisories/29341
- http://secunia.com/advisories/30484
- http://secunia.com/advisories/30835
- http://secunia.com/secunia_research/2007-99/advisory/
- http://security.gentoo.org/glsa/glsa-200712-10.xml
- http://securityreason.com/securityalert/3438
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.451554
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238251-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019295.1-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-520.htm
- http://www.debian.org/security/2007/dsa-1427
- http://www.kb.cert.org/vuls/id/438395
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:244
- http://www.novell.com/linux/security/advisories/2007_68_samba.html
- http://www.redhat.com/support/errata/RHSA-2007-1114.html
- http://www.redhat.com/support/errata/RHSA-2007-1117.html
- http://www.samba.org/samba/security/CVE-2007-6015.html
- http://www.securityfocus.com/archive/1/484818/100/0/threaded
- http://www.securityfocus.com/archive/1/484825/100/0/threaded
- http://www.securityfocus.com/archive/1/484827/100/0/threaded
- http://www.securityfocus.com/archive/1/485144/100/0/threaded
- http://www.securityfocus.com/archive/1/488457/100/0/threaded
- http://www.securityfocus.com/bid/26791
- http://www.securitytracker.com/id?1019065
- http://www.ubuntu.com/usn/usn-556-1
- http://www.us-cert.gov/cas/techalerts/TA08-043B.html
- http://www.vupen.com/english/advisories/2007/4153
- http://www.vupen.com/english/advisories/2008/0495/references
- http://www.vupen.com/english/advisories/2008/0637
- http://www.vupen.com/english/advisories/2008/0859/references
- http://www.vupen.com/english/advisories/2008/1712/references
- http://www.vupen.com/english/advisories/2008/1908
- http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38965
- https://issues.rpath.com/browse/RPL-1976
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11572
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5605
- https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00304.html
- https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00308.html