September 21, 2020
The Samba Team has released a security update to address a critical vulnerability – CVE-2020-1472 – in multiple versions of Samba. This vulnerability could allow a remote attacker to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcement for CVE-2020-1472 and apply the necessary updates or workaround. Read the advisory at CISA.
July 3, 2020
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcements for CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, and CVE-2020-14303 and apply the necessary updates and workarounds. Read the advisory at CISA.
April 28, 2020
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcements for CVE-2020-10700 and CVE-2020-10704 and apply the necessary updates and workarounds. Read the advisory at CISA.
January 21, 2020
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcements for CVE-2019-14902, CVE-2019-14907, and CVE-2019-19344 and apply the necessary updates and workarounds. Read the advisory at CISA.
December 10, 2019
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Samba Security Announcements for CVE-2019-14861 and CVE-2019-14870 and apply the necessary updates and workarounds. Read the advisory at CISA.
October 29, 2019
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information. DHS CISA encourages users and administrators to review the Samba Security Announcements for CVE-2019-10218, CVE-2019-14833, and CVE-2019-14847 and apply the necessary updates and workarounds. Read the advisory at CISA.
September 4, 2019
The Samba Team has released security updates to address a vulnerability in all versions of Samba from 4.9.0 onward. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcement for CVE-2019-10197 and apply the necessary updates and workarounds. Read the advisory at CISA.
June 19, 2019
The Samba Team has released security updates to address vulnerabilities in Samba 4.9 and all versions of Samba from 4.10 onward. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. The NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2019-12435 and CVE-2019-12436 and apply the necessary updates. Read the advisory at NCCIC/US-CERT.
May 14, 2019
The Samba Team has released security updates to address a vulnerability in Samba. An attacker could exploit this vulnerability take control of an affected system. The NCCIC encourages users and administrators to review the Samba Security Announcement for CVE-2018-16860 and apply the necessary updates. Read the advisory at NCCIC/US-CERT.
April 8, 2019
The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. The NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2019-3870 and CVE-2019-3880 and apply the necessary updates. Read the advisory at NCCIC/US-CERT.
November 27, 2018
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2018-16852, CVE-2018-16853, and CVE-2018-16857 and apply the necessary updates. NCCIC/US-CERT.
August 14, 2018
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Samba Security Announcements for CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, and CVE-2018-1140 and apply the necessary updates. NCCIC/US-CERT.
March 13, 2018
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the Samba Security Announcements for CVE-2018-1050 and CVE-2018-1057 and apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches. US-CERT.
September 20, 2017
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit any of these vulnerabilities to obtain access to potentially sensitive information. US-CERT encourages users and administrators to review the Samba Security Announcements for CVE-2017-12150, CVE-2017-12151, and CVE-2017-12163 and apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches. US-CERT.