Lucene search
F5F5:K51324410HistoryApr 11, 2016 - 12:00 a.m.
K51324410 : SAMBA vulnerabilities CVE-2015-7560 and CVE-2016-0771
2016-04-1100:00:00
my.f5.com
16
Security Advisory Description
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
f5
f5
SOL51324410 - SAMBA vulnerabilities CVE-2015-7560 and CVE-2016-0771
2016-04-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.3.6-alt1
2016-03-09 00:00:00
Security fix for the ALT Linux 7 package samba-DC version 4.3.6-alt1
2016-03-09 00:00:00
Security fix for the ALT Linux 8 package samba version 4.3.6-alt1
2016-03-09 00:00:00
nessus
nessus
Slackware 14.1 / current : samba (SSA:2016-068-02)
2016-03-09 00:00:00
Samba 4.x < 4.1.23 / 4.2.x < 4.2.9 / 4.3.x < 4.3.6 / 4.4.x < 4.4.0rc4 Multiple Vulnerabilities
2016-06-09 00:00:00
openSUSE Security Update : samba (openSUSE-2016-359)
2016-03-21 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2016-068-02)
2022-04-21 00:00:00
openSUSE: Security Advisory for samba (openSUSE-SU-2016:0813-1)
2016-03-19 00:00:00
Debian: Security Advisory (DSA-3514-1)
2016-03-11 00:00:00
ibm
ibm
suse
suse
Security update for samba (important)
2016-03-18 14:12:36
Security update for samba (important)
2016-03-29 17:07:14
Security update for samba (important)
2016-03-18 14:13:43
slackware
slackware
[slackware-security] samba
2016-03-08 21:14:43
debian
debian
[SECURITY] [DSA 3514-1] samba security update
2016-03-12 07:23:52
[SECURITY] [DSA 3514-1] samba security update
2016-03-12 07:23:52
osv
osv
samba - security update
2016-03-12 00:00:00
ctdb-4.5.0-1.1 on GA media
2024-06-15 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2016-03-08 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: samba-4.2.9-0.fc22
2016-03-13 09:53:02
[SECURITY] Fedora 24 Update: samba-4.4.0-0.7.rc4.fc24
2016-03-27 01:03:41
[SECURITY] Fedora 23 Update: samba-4.3.6-0.fc23
2016-03-12 11:51:27
centos
centos
samba4 security update
2016-03-15 23:36:02
ctdb, libsmbclient, libwbclient, samba security update
2016-03-15 23:34:54
debiancve
debiancve
CVE-2015-7560
2016-03-13 22:59:00
CVE-2016-0771
2016-03-13 22:59:01
redhat
redhat
(RHSA-2016:0449) Moderate: samba4 security update
2016-03-15 00:00:00
(RHSA-2016:0447) Moderate: samba security and bug fix update
2016-03-15 12:23:15
(RHSA-2016:0448) Moderate: samba security update
2016-03-15 12:23:23
veracode
veracode
Authorization Bypass
2019-01-15 09:10:27
cvelist
cvelist
CVE-2015-7560
2016-03-13 22:00:00
CVE-2016-0771
2016-03-13 22:00:00
amazon
amazon
Medium: samba
2016-03-29 15:30:00
nvd
nvd
CVE-2015-7560
2016-03-13 22:59:00
CVE-2016-0771
2016-03-13 22:59:01
mageia
mageia
Updated samba packages fix security vulnerability
2016-03-11 02:37:43
cve
cve
CVE-2015-7560
2016-03-13 22:59:00
CVE-2016-0771
2016-03-13 22:59:01
oraclelinux
oraclelinux
samba security update
2016-03-15 00:00:00
samba4 security update
2016-03-15 00:00:00
samba security and bug fix update
2018-06-25 00:00:00
ubuntucve
ubuntucve
CVE-2015-7560
2016-03-08 00:00:00
CVE-2016-0771
2016-03-08 00:00:00
prion
prion
Design/Logic Flaw
2016-03-13 22:59:00
Out-of-bounds
2016-03-13 22:59:00
samba
samba
Incorrect ACL get/set allowed on symlink path.
2016-03-08 00:00:00
Out-of-bounds read in internal DNS server
2016-03-08 00:00:00