FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fb26f78a-26a9-11e8-a1c2-00505689d4aesamba -- multiple vulnerabilities

The samba project reports:

Missing null pointer checks may crash the external print server process.

On a Samba 4 AD DC any authenticated user can change other user's passwords over LDAP, including the passwords of administrative users and service accounts.


Discovery 2018-01-03
Entry 2018-03-13
samba44
< 4.4.17

samba45
< 4.5.16

samba46
< 4.6.14

samba47
< 4.7.6

https://www.samba.org/samba/security/CVE-2018-1050.html
CVE-2018-1050
https://www.samba.org/samba/security/CVE-2018-1057.html
CVE-2018-1057
c4e9a427-9fc2-11e8-802a-000c29a1e3ecsamba -- multiple vulnerabilities

The samba project reports:

Samba releases 4.7.0 to 4.8.3 (inclusive) contain an error which allows authentication using NTLMv1 over an SMB1 transport (either directory or via NETLOGON SamLogon calls from a member server), even when NTLMv1 is explicitly disabled on the server.

Missing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.

Samba releases 3.2.0 to 4.8.3 (inclusive) contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing.

Missing database output checks on the returned directory attributes from the LDB database layer cause the DsCrackNames call in the DRSUAPI server to crash when following a NULL pointer.

All versions of the Samba Active Directory LDAP server from 4.0.0 onwards are vulnerable to the disclosure of confidential attribute values, both of attributes where the schema SEARCH_FLAG_CONFIDENTIAL (0x80) searchFlags bit and where an explicit Access Control Entry has been specified on the ntSecurityDescriptor.


Discovery 2018-08-14
Entry 2018-08-14
samba46
< 4.6.16

samba47
< 4.7.9

samba48
< 4.8.4

https://www.samba.org/samba/security/CVE-2018-1139.html
CVE-2018-1139
https://www.samba.org/samba/security/CVE-2018-1140.html
CVE-2018-1140
https://www.samba.org/samba/security/CVE-2018-10858.html
CVE-2018-10858
https://www.samba.org/samba/security/CVE-2018-10918.html
CVE-2018-10918
https://www.samba.org/samba/security/CVE-2018-10919.html
CVE-2018-10919
54976998-f248-11e8-81e2-005056a311d1samba -- multiple vulnerabilities

The samba project reports:

All versions of Samba from 4.0.0 onwards are vulnerable to infinite query recursion caused by CNAME loops. Any dns record can be added via ldap by an unprivileged user using the ldbadd tool, so this is a security issue.

When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ.

During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process.

During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate

A user in a Samba AD domain can crash the KDC when Samba is built in the non-default MIT Kerberos configuration.

AD DC Configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all.


Discovery 2018-08-14
Entry 2018-08-14
samba46
le 4.6.16

samba47
< 4.7.12

samba48
< 4.8.7

samba49
< 4.9.3

https://www.samba.org/samba/security/CVE-2018-14629.html
CVE-2018-14629
https://www.samba.org/samba/security/CVE-2018-16841.html
CVE-2018-16841
https://www.samba.org/samba/security/CVE-2018-16851.html
CVE-2018-16851
https://www.samba.org/samba/security/CVE-2018-16852.html
CVE-2018-16852
https://www.samba.org/samba/security/CVE-2018-16853.html
CVE-2018-16853
https://www.samba.org/samba/security/CVE-2018-16857.html
CVE-2018-16857
85851e4f-67d9-11e7-bc37-00505689d4aesamba -- Orpheus Lyre mutual authentication validation bypass

The samba project reports:

A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data.


Discovery 2017-07-12
Entry 2017-07-12
samba42
< 4.2.15

samba43
< 4.3.14

samba44
< 4.4.15

samba45
< 4.5.12

samba46
< 4.6.6

https://www.samba.org/samba/security/CVE-2017-11103.html
CVE-2017-11103
793a0072-7822-11e9-81e2-005056a311d1samba -- multiple vulnerabilities

The samba project reports:

The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target (client) principal

Authenticated users with write permission can trigger a symlink traversal to write or detect files outside the Samba share.


Discovery 2019-05-14
Entry 2019-05-14
samba46
le 4.6.16

samba47
le 4.7.12

samba48
< 4.8.12

samba49
< 4.9.8

samba410
< 4.10.3

https://www.samba.org/samba/security/CVE-2018-16860.html
CVE-2018-16860
https://www.samba.org/samba/security/CVE-2019-3880.html
CVE-2019-3880