Chiencc / asuswrt-gt-ac5300


sambasamba-3.6.25: 42 vulnerabilities (highest severity is: 9.8) #89

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c /release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c

Vulnerabilities

| CVE | Severity | CVSS | Dependency | Type | Fixed in (sambasamba version) | Remediation Possible** |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2015-0240 | Critical | 9.8 | sambasamba-3.6.25 | Direct | 3.6.25,4.0.25,4.1.17,4.2.0rc5 | |
| CVE-2022-45141 | Critical | 9.8 | sambasamba-3.6.25 | Direct | samba-4.15.13 | |
| CVE-2022-2031 | High | 8.8 | sambasamba-3.6.25 | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2022-32744 | High | 8.8 | sambasamba-3.6.25 | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2018-10858 | High | 8.8 | sambasamba-3.6.25 | Direct | 4.6.16,4.7.9,4.8.4 | |
| CVE-2022-32745 | High | 8.1 | detected in multiple dependencies | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2018-1139 | High | 8.1 | sambasamba-3.6.25 | Direct | 4.7.9,4.8.4 | |
| CVE-2017-2619 | High | 7.5 | detected in multiple dependencies | Direct | 4.4.12,4.5.7,4.6.1 | |
| CVE-2017-15275 | High | 7.5 | sambasamba-3.6.25 | Direct | 4.7.3 | |
| CVE-2016-2118 | High | 7.5 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2022-32743 | High | 7.5 | sambasamba-3.6.25 | Direct | N/A | |
| CVE-2020-25720 | High | 7.5 | sambasamba-3.6.25 | Direct | ldb-2.7.0, tevent-0.14.0, samba-4.18.0, talloc-2.4.0, tdb-1.4.8 | |
| CVE-2020-10704 | High | 7.5 | detected in multiple dependencies | Direct | 2020.2 | |
| CVE-2017-17439 | High | 7.5 | sambasamba-3.6.25 | Direct | heimdal-7.5.0 | |
| CVE-2016-2113 | High | 7.4 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2017-12151 | High | 7.4 | detected in multiple dependencies | Direct | 4.4.16,4.5.14,4.6.8 | |
| CVE-2017-12150 | High | 7.4 | detected in multiple dependencies | Direct | 4.4.16,4.5.14,4.6.8 | |
| CVE-2015-5252 | High | 7.2 | sambasamba-3.6.25 | Direct | 4.3.3,4.2.7,4.1.22 | |
| CVE-2022-37967 | High | 7.2 | detected in multiple dependencies | Direct | samba-4.17.4 | |
| CVE-2017-12163 | High | 7.1 | sambasamba-3.6.25 | Direct | 4.4.16,4.5.14,4.6.8 | |
| CVE-2021-20254 | Medium | 6.8 | sambasamba-3.6.25 | Direct | samba-4.12.15, 4.13.8, 4.14.4 | |
| CVE-2019-10218 | Medium | 6.5 | detected in multiple dependencies | Direct | 4.11.2;4.10.10;4.9.15 | |
| CVE-2021-3671 | Medium | 6.5 | sambasamba-3.6.25 | Direct | samba - 2:4.13.13+dfsg-1~deb11u1,2:4.13.13+dfsg-1 | |
| CVE-2015-7560 | Medium | 6.5 | detected in multiple dependencies | Direct | 4.1.23,4.2.9,4.3.6,4.4.0rc4 | |
| CVE-2016-2111 | Medium | 6.3 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2110 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2112 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2114 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.2,4.3.8,4.2.11 | |
| CVE-2016-2115 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2018-16853 | Medium | 5.9 | sambasamba-3.6.25 | Direct | samba-4.8.8,samba-4.9.4 | |
| CVE-2013-0213 | Medium | 5.6 | sambasamba-3.6.25 | Direct | 3.5.21,3.6.12,4.0.2 | |
| CVE-2022-32746 | Medium | 5.4 | detected in multiple dependencies | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2015-5296 | Medium | 5.4 | sambasamba-3.6.25 | Direct | 4.1.22,4.2.7,4.3.3 | |
| CVE-2019-14870 | Medium | 5.4 | sambasamba-3.6.25 | Direct | 4.9.17;4.10.11;4.11.3 | |
| CVE-2015-5299 | Medium | 5.3 | sambasamba-3.6.25 | Direct | 4.1.22,4.2.7,4.3.3 | |
| CVE-2013-4124 | Medium | 5.3 | sambasamba-3.6.25 | Direct | 3.5.22,3.6.17,4.0.8 | |
| CVE-2011-0719 | Medium | 5.3 | detected in multiple dependencies | Direct | 3.3.15,3.4.12,3.5.7 | |
| CVE-2019-14847 | Medium | 4.9 | sambasamba-3.6.25 | Direct | 4.9.15;4.10.10 | |
| CVE-2021-44141 | Medium | 4.3 | detected in multiple dependencies | Direct | samba-4.15.5 | |
| CVE-2012-6150 | Medium | 4.2 | sambasamba-3.6.25 | Direct | 3.6 | |
| CVE-2014-3493 | Low | 3.5 | sambasamba-3.6.25 | Direct | 3.6.24,4.0.19,4.1.9 | |
| CVE-2013-0172 | Low | 3.1 | detected in multiple dependencies | Direct | ldb-1.1.15 | |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (27 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2015-0240

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c /release/src/router/samba-3.5.8/source3/rpc_server/srv_netlog_nt.c

### Vulnerability Details

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

Publish Date: 2015-02-24

URL: CVE-2015-0240

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-0240

Release Date: 2015-02-24

Fix Resolution: 3.6.25,4.0.25,4.1.17,4.2.0rc5

CVE-2022-45141

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

Publish Date: 2023-03-06

URL: CVE-2022-45141

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2022-45141.html

Release Date: 2022-11-10

Fix Resolution: samba-4.15.13

CVE-2022-2031

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c /release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c /release/src/router/samba-3.6.x_opwrt/source/source4/kdc/db-glue.c

### Vulnerability Details

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services.

Publish Date: 2022-08-25

URL: CVE-2022-2031

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2022-2031.html

Release Date: 2022-06-08

Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4

CVE-2022-32744

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c /release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c /release/src/router/samba-3.6.x_opwrt/source/source4/kdc/hdb-samba4.c

### Vulnerability Details

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

Publish Date: 2022-08-25

URL: CVE-2022-32744

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2022-32744.html

Release Date: 2022-06-10

Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4

CVE-2018-10858

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c /release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c /release/src/router/samba-3.6.x_opwrt/source/source3/libsmb/libsmb_path.c

### Vulnerability Details

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Publish Date: 2018-08-22

URL: CVE-2018-10858

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2018-10858.html

Release Date: 2018-08-22

Fix Resolution: 4.6.16,4.7.9,4.8.4

CVE-2022-32745

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

Publish Date: 2022-08-25

URL: CVE-2022-32745

### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2022-32745.html

Release Date: 2022-06-10

Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4

CVE-2018-1139

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c /release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c /release/src/router/samba-3.6.x_opwrt/source/libcli/auth/ntlm_check.c

### Vulnerability Details

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.

Publish Date: 2018-08-22

URL: CVE-2018-1139

### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2018-1139.html

Release Date: 2018-08-22

Fix Resolution: 4.7.9,4.8.4

CVE-2017-2619

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

Publish Date: 2018-03-12

URL: CVE-2017-2619

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/7049

Release Date: 2018-03-12

Fix Resolution: 4.4.12,4.5.7,4.6.1

CVE-2017-15275

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/smbd/srvstr.c /release/src/router/samba-3.5.8/source3/smbd/srvstr.c

### Vulnerability Details

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

Publish Date: 2017-11-27

URL: CVE-2017-15275

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275

Release Date: 2017-11-27

Fix Resolution: 4.7.3

CVE-2016-2118

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Publish Date: 2016-04-12

URL: CVE-2016-2118

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2118

Release Date: 2016-04-12

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2022-32743

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.

Publish Date: 2022-09-01

URL: CVE-2022-32743

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None


CVE-2020-25720

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

In Samba, a user with sufficient privileges to create a computer account, such as a user granted CreateChild permissions for computer objects, may potentially set arbitrary values on security-sensitive attributes of specific objects stored in Active Directory (AD).

Publish Date: 2020-09-17

URL: CVE-2020-25720

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://security-tracker.debian.org/tracker/CVE-2020-25720

Release Date: 2020-09-17

Fix Resolution: ldb-2.7.0, tevent-0.14.0, samba-4.18.0, talloc-2.4.0, tdb-1.4.8

CVE-2020-10704

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Publish Date: 2020-05-06

URL: CVE-2020-10704

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12704

Release Date: 2020-05-06

Fix Resolution: 2020.2

CVE-2017-17439

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.

Publish Date: 2017-12-06

URL: CVE-2017-17439

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17439

Release Date: 2017-12-06

Fix Resolution: heimdal-7.5.0

CVE-2016-2113

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.

Publish Date: 2016-04-25

URL: CVE-2016-2113

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2017-12151

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.

Publish Date: 2018-07-27

URL: CVE-2017-12151

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/7890

Release Date: 2018-07-27

Fix Resolution: 4.4.16,4.5.14,4.6.8

CVE-2017-12150

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

Publish Date: 2018-07-26

URL: CVE-2017-12150

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2017-12150.html

Release Date: 2018-07-26

Fix Resolution: 4.4.16,4.5.14,4.6.8

CVE-2015-5252

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.

Publish Date: 2015-12-29

URL: CVE-2015-5252

### CVSS 3 Score Details (7.2)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Changed
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2015-5252.html

Release Date: 2015-12-29

Fix Resolution: 4.3.3,4.2.7,4.1.22

CVE-2022-37967

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

Windows Kerberos Elevation of Privilege Vulnerability

Publish Date: 2022-11-09

URL: CVE-2022-37967

### CVSS 3 Score Details (7.2)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: High
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Release Date: 2022-11-09

Fix Resolution: samba-4.17.4

CVE-2017-12163

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

Publish Date: 2018-07-26

URL: CVE-2017-12163

### CVSS 3 Score Details (7.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Adjacent
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: Low
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2017-12163.html

Release Date: 2018-07-26

Fix Resolution: 4.4.16,4.5.14,4.6.8

CVE-2021-20254

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/samba-3.5.8/source3/passdb/lookup_sid.c /release/src/router/samba-3.5.8/source3/passdb/lookup_sid.c

### Vulnerability Details

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.

Publish Date: 2021-05-05

URL: CVE-2021-20254

### CVSS 3 Score Details (6.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2021-20254.html

Release Date: 2021-05-05

Fix Resolution: samba-4.12.15, 4.13.8, 4.14.4

CVE-2019-10218

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.

Publish Date: 2019-11-06

URL: CVE-2019-10218

### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None


### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2019-10218.html

Release Date: 2019-11-06

Fix Resolution: 4.11.2;4.10.10;4.9.15

CVE-2021-3671

### Vulnerable Library - sambasamba-3.6.25

https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)

Library home page: https://github.com/samba-team/samba.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

Publish Date: 2021-10-12

URL: CVE-2021-3671

### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3671

Release Date: 2021-10-12

Fix Resolution: samba - 2:4.13.13+dfsg-1~deb11u1,2:4.13.13+dfsg-1

CVE-2015-7560

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Publish Date: 2016-03-13

URL: CVE-2015-7560

### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560

Release Date: 2016-03-13

Fix Resolution: 4.1.23,4.2.9,4.3.6,4.4.0rc4

CVE-2016-2111

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

Publish Date: 2016-04-25

URL: CVE-2016-2111

### CVSS 3 Score Details (6.3)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2016-2110

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

Publish Date: 2016-04-25

URL: CVE-2016-2110

### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2016-2112

### Vulnerable Libraries - sambasamba-3.6.25, sambasamba-3.6.25

### Vulnerability Details

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

Publish Date: 2016-04-25

URL: CVE-2016-2112

### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

mend-for-github-com[bot] commented 11 months ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.

mend-for-github-com[bot] commented 11 months ago

:information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
