Search results

:* user oriented programs to visualize the statistics ...the work to translate often needed questions into SQL statements from the user. They are also running networked, and can be run on a complete different sy

...target can point to anywhere on the server file system. The authenticated user must have permissions to create a directory under the target directory of t *[https://www.samba.org/samba/security/CVE-2020-25717.html CVE-2020-25717]: A user on the domain can become root on domain members.

Active Directory (AD) is a set of network services that run on a [[Setting_up_Samba_as_an_Active_Directory ...LDAP (Lightweight Directory Access Protocol) is one way AD clients look-up user information or to perform administration. LDAP is the primary administrativ

...2019-3880 CVE-2019-3880] (Save registry file outside share as unprivileged user) :* [https://bugzilla.samba.org/show_bug.cgi?id=13686 BUG #13686]: 'samba-tool user syscpasswords' fails on a domain with many DCs.

...me.cgi?name=CVE-2018-1057 CVE-2018-1057]: Unprivileged user can change any user (and admin) password. ...me.cgi?name=CVE-2018-1057 CVE-2018-1057]: Unprivileged user can change any user (and admin) password.

...i-bin/cvename.cgi?name=CVE-2019-14902 CVE-2019-14902]: Replication of ACLs set to inherit down a subtree on AD Directory not automatic. :An authenticated user can crash the DCE/RPC DNS management server by creating records with matchi

...me.cgi?name=CVE-2018-1057 CVE-2018-1057]: Unprivileged user can change any user (and admin) password. ...me.cgi?name=CVE-2018-1057 CVE-2018-1057]: Unprivileged user can change any user (and admin) password.

...those values into the process token that stores the group membership for a user. ...artment, Linköping University) found this flaw by noticing an unprivileged user was able to delete a file within a network share that they should have been

...l_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory ...ng Ticket" (TGT), which can be used to fully impersonate the authenticated user or service.

...ctory in that other directory, even if the share parameter "wide links" is set to "no" (the default). ...he share path the current accessing user should have DIRECTORY_LIST access rights in order to view the current snapshots.

...samba.org/samba/security/CVE-2020-14323.html CVE-2020-14323]: Unprivileged user can crash winbind. ...a.org/samba/security/CVE-2020-14383.html CVE-2020-14383]: An authenticated user can crash the DCE/RPC DNS with easily crafted records.

...tps://bugzilla.samba.org/show_bug.cgi?id=14205 BUG #14205]: s3: smbd: Only set xconn->smb1.negprot.done = true after supported_protocols[protocol].proto_r ...i-bin/cvename.cgi?name=CVE-2019-14902 CVE-2019-14902]: Replication of ACLs set to inherit down a subtree on AD Directory not automatic.

...default is "if_required"). Even more rarely the "client max protocol" is set to SMB2, rather than the NT1 default. ...https://bugzilla.samba.org/show_bug.cgi?id=11771 BUG #11771]: tevent: Only set public headers field when installing as a public library.

:A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anony :Samba's AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups.