FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e4bc323f-cc73-11e6-b704-000c292e4fd8	samba -- multiple vulnerabilities Samba team reports: [CVE-2016-2123] Authenticated users can supply malicious dnsRecord attributes on DNS objects and trigger a controlled memory corruption. [CVE-2016-2125] Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which can be used to fully impersonate the authenticated user or service. [CVE-2016-2126] A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions. Discovery 2016-12-19 Entry 2016-12-26 Modified 2016-12-26 samba36 ge 3.6.0 le 3.6.25_4 samba4 ge 4.0.0 le 4.0.26 samba41 ge 4.1.0 le 4.1.23 samba42 ge 4.2.0 le 4.2.14 samba43 ge 4.3.0 lt 4.3.13 samba44 ge 4.4.0 lt 4.4.8 samba45 ge 4.5.0 lt 4.5.3 CVE-2016-2123 https://www.samba.org/samba/security/CVE-2016-2123.html CVE-2016-2125 https://www.samba.org/samba/security/CVE-2016-2125.html CVE-2016-2126 https://www.samba.org/samba/security/CVE-2016-2126.html

VuXML ID

Description

e4bc323f-cc73-11e6-b704-000c292e4fd8

samba -- multiple vulnerabilities

Samba team reports:

[CVE-2016-2123] Authenticated users can supply malicious dnsRecord attributes on DNS objects and trigger a controlled memory corruption.

[CVE-2016-2125] Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which can be used to fully impersonate the authenticated user or service.

[CVE-2016-2126] A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket due to incorrect handling of the PAC checksum. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.

Discovery 2016-12-19
Entry 2016-12-26
Modified 2016-12-26
samba36

ge 3.6.0 le 3.6.25_4

samba4

ge 4.0.0 le 4.0.26

samba41

ge 4.1.0 le 4.1.23

samba42

ge 4.2.0 le 4.2.14

samba43

ge 4.3.0 lt 4.3.13

samba44

ge 4.4.0 lt 4.4.8

samba45

ge 4.5.0 lt 4.5.3

CVE-2016-2123
https://www.samba.org/samba/security/CVE-2016-2123.html
CVE-2016-2125
https://www.samba.org/samba/security/CVE-2016-2125.html
CVE-2016-2126
https://www.samba.org/samba/security/CVE-2016-2126.html