CNNVD-202511-776 Information
CNNVD ID
CNNVD-202511-776
Related CVE
- CNNVD Published: 2025-11-07
Description (Chinese)
Samba是Samba开源的一个适用于 Linux 和 Unix 的标准 Windows 互操作性程序套件。 Samba存在操作系统命令注入漏洞,该漏洞源于前端WINS钩子处理中对NetBIOS名称未进行适当验证或转义,可能导致远程命令执行。
Description (English)
Samba is a standard Windows interoperability suite for Linux and Unix, an open source of Samba. Samba has an operational system command that injects a loophole from the failure to properly validate or convert the name of NetBIOS in front-end WINS hook processing, which may lead to remote command execution.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
Samba
Published
2025-11-07
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-10230 https://bugzilla.redhat.com/show_bug.cgi?id=2394377 https://www.samba.org/samba/history/security.html https://vigilance.fr/vulnerability/Samba-code-execution-via-WINS-Server-Hook-Script-48500
Patch
https://www.samba.org/samba/history/security.html
Share on: