Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1332
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and previous versions allows remote malicious users to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
Samba Samba
NA
CVE-2011-1678
smbfs in Samba 3.5.8 and previous versions attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the ...
Samba Samba
7.5
CVSSv3
CVE-2021-23192
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
Samba Samba
8.8
CVSSv3
CVE-2022-2031
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and us...
Samba Samba
2.5
CVSSv3
CVE-2021-43566
All versions of Samba before 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via N...
Samba Samba
NA
CVE-2008-3789
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.
Samba Samba
6.5
CVSSv3
CVE-2023-5568
A heap-based Buffer Overflow flaw exists in Samba. It could allow a remote, authenticated malicious user to exploit this vulnerability to cause a denial of service.
Samba Samba
9.8
CVSSv3
CVE-2022-45141
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting ...
Samba Samba
NA
CVE-1999-0182
Samba has a buffer overflow which allows a remote malicious user to obtain root access by specifying a long password.
Samba Samba
1 EDB exploit
8.8
CVSSv3
CVE-2016-2123
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the...
Samba Samba
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »