Open mend-for-github-com[bot] opened 1 year ago
:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
:information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
Vulnerable Library - sambasamba-3.6.25
https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Vulnerable Source Files (2)
/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c
/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c
Vulnerabilities
\*\*In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation.
Details
CVE-2015-0240
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c
/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c

### Vulnerability Details

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
Publish Date: 2015-02-24
URL: CVE-2015-0240
### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-0240
Release Date: 2015-02-24
Fix Resolution: 3.6.25,4.0.25,4.1.17,4.2.0rc5
CVE-2022-45141
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Publish Date: 2023-03-06
URL: CVE-2022-45141
### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2022-45141.html
Release Date: 2022-11-10
Fix Resolution: samba-4.15.13
CVE-2022-2031
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c
/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c
/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c

### Vulnerability Details

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services.
Publish Date: 2022-08-25
URL: CVE-2022-2031
### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2022-2031.html
Release Date: 2022-06-08
Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4
CVE-2022-32744
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c
/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c
/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c

### Vulnerability Details

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.
Publish Date: 2022-08-25
URL: CVE-2022-32744
### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2022-32744.html
Release Date: 2022-06-10
Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4
CVE-2018-10858
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c
/release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c
/release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c

### Vulnerability Details

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
Publish Date: 2018-08-22
URL: CVE-2018-10858
### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2018-10858.html
Release Date: 2018-08-22
Fix Resolution: 4.6.16,4.7.9,4.8.4
CVE-2022-32745
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
Publish Date: 2022-08-25
URL: CVE-2022-32745
### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2022-32745.html
Release Date: 2022-06-10
Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4
CVE-2018-1139
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c
/release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c
/release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c

### Vulnerability Details

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.
Publish Date: 2018-08-22
URL: CVE-2018-1139
### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2018-1139.html
Release Date: 2018-08-22
Fix Resolution: 4.7.9,4.8.4
CVE-2017-2619
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Publish Date: 2018-03-12
URL: CVE-2017-2619
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/7049
Release Date: 2018-03-12
Fix Resolution: 4.4.12,4.5.7,4.6.1
CVE-2017-15275
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/smbd/srvstr.c
/release/src/router/samba-3.5.8/source3/smbd/srvstr.c

### Vulnerability Details

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
Publish Date: 2017-11-27
URL: CVE-2017-15275
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275
Release Date: 2017-11-27
Fix Resolution: 4.7.3
CVE-2016-2118
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
Publish Date: 2016-04-12
URL: CVE-2016-2118
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2118
Release Date: 2016-04-12
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2022-32743
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
Publish Date: 2022-09-01
URL: CVE-2022-32743
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

CVE-2020-25720
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

In Samba, a user with sufficient privileges to create a computer account, such as a user granted CreateChild permissions for computer objects, may potentially set arbitrary values on security-sensitive attributes of specific objects stored in Active Directory (AD).
Publish Date: 2020-09-17
URL: CVE-2020-25720
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2020-25720
Release Date: 2020-09-17
Fix Resolution: ldb-2.7.0, tevent-0.14.0, samba-4.18.0, talloc-2.4.0, tdb-1.4.8
CVE-2020-10704
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
Publish Date: 2020-05-06
URL: CVE-2020-10704
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12704
Release Date: 2020-05-06
Fix Resolution: 2020.2
CVE-2017-17439
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
Publish Date: 2017-12-06
URL: CVE-2017-17439
### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17439
Release Date: 2017-12-06
Fix Resolution: heimdal-7.5.0
CVE-2016-2113
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.
Publish Date: 2016-04-25
URL: CVE-2016-2113
### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/5494
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2017-12151
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
Publish Date: 2018-07-27
URL: CVE-2017-12151
### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/7890
Release Date: 2018-07-27
Fix Resolution: 4.4.16,4.5.14,4.6.8
CVE-2017-12150
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Publish Date: 2018-07-26
URL: CVE-2017-12150
### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2017-12150.html
Release Date: 2018-07-26
Fix Resolution: 4.4.16,4.5.14,4.6.8
CVE-2015-5252
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.
Publish Date: 2015-12-29
URL: CVE-2015-5252
### CVSS 3 Score Details (7.2)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Changed
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2015-5252.html
Release Date: 2015-12-29
Fix Resolution: 4.3.3,4.2.7,4.1.22
CVE-2022-37967
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Windows Kerberos Elevation of Privilege Vulnerability
Publish Date: 2022-11-09
URL: CVE-2022-37967
### CVSS 3 Score Details (7.2)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: High
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Release Date: 2022-11-09
Fix Resolution: samba-4.17.4
CVE-2017-12163
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
Publish Date: 2018-07-26
URL: CVE-2017-12163
### CVSS 3 Score Details (7.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Adjacent
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: Low
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2017-12163.html
Release Date: 2018-07-26
Fix Resolution: 4.4.16,4.5.14,4.6.8
CVE-2021-20254
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/passdb/lookup_sid.c
/release/src/router/samba-3.5.8/source3/passdb/lookup_sid.c

### Vulnerability Details

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.
Publish Date: 2021-05-05
URL: CVE-2021-20254
### CVSS 3 Score Details (6.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2021-20254.html
Release Date: 2021-05-05
Fix Resolution: samba-4.12.15, 4.13.8, 4.14.4
CVE-2019-10218
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
Publish Date: 2019-11-06
URL: CVE-2019-10218
### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version
Origin: https://www.samba.org/samba/security/CVE-2019-10218.html
Release Date: 2019-11-06
Fix Resolution: 4.11.2;4.10.10;4.9.15
CVE-2021-3671
### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Library home page: https://github.com/samba-team/samba.git
Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5
Found in base branch: master
### Vulnerable Source Files (1)

### Vulnerability Details

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
Publish Date: 2021-10-12
URL: CVE-2021-3671
### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3671
Release Date: 2021-10-12
Fix Resolution: samba - 2:4.13.13+dfsg-1~deb11u1,2:4.13.13+dfsg-1
CVE-2015-7560
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
Publish Date: 2016-03-13
URL: CVE-2015-7560
### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
Release Date: 2016-03-13
Fix Resolution: 4.1.23,4.2.9,4.3.6,4.4.0rc4
CVE-2016-2111
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
Publish Date: 2016-04-25
URL: CVE-2016-2111
### CVSS 3 Score Details (6.3)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/5494
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2016-2110
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
Publish Date: 2016-04-25
URL: CVE-2016-2110
### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/5494
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2
CVE-2016-2112
### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
Publish Date: 2016-04-25
URL: CVE-2016-2112
### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
Release Date: 2016-04-25
Fix Resolution: 4.2.11,4.3.8,4.4.2