![]() The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. This could allow an attacker to access files that the user should not have access to.Ī vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The affected application lacks proper access controls in SMB shares. ![]() IBM X-Force ID: 267963.Ī vulnerability has been identified in COMOS (All versions). IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. Version 3.118.2 contains a patch for this issue. ![]() Successful exploitation of this vulnerability will enable an attacker to gain code execution on a victim's computer. Prior to version 3.118.12, it correctly blocks the `file:` URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to check other harmful schemes such as `ftp:`, `smb:`, etc. Tutanota allows users to open links in emails in external applications. Tutanota (Tuta Mail) is an encrypted email provider. There is a Weak SMB configuration with signing disabled. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.Īn access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily disable the SMB service on a victim's Qstar instance by executing a specific command in a link.Īn access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjust sensitive SMB settings on the QStar Server.Īn unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command.Īn issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. A successful exploit could allow the attacker to crash the application when attempting to load the malicious file.Ī use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. An attacker could exploit this vulnerability by sending a malicious configuration file (file with SMB extension) to a user via a link or email attachment and persuade the user to open the file with the affected software on the local system. ![]() Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11. This issue could allow a local attacker to crash the system or leak internal kernel information. This issue could allow a local attacker to crash the system or leak internal kernel information.Īn out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.Īn out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |