Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 3.2.5 vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2022-29154
An issue exists in rsync prior to 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file ...
Samba Rsync
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2 Github repositories
NA
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.5.15
Samba Samba 3.5.14
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.16
Samba Samba 3.4.15
Samba Samba 3.4.8
Samba Samba 3.4.7
Samba Samba 3.4.6
Samba Samba 3.3.9
Samba Samba 3.3.10
Samba Samba 3.3.12
Samba Samba 3.3.13
Samba Samba 3.2.0
Samba Samba 3.2.14
Samba Samba 3.2.7
Samba Samba 3.2.2
Samba Samba 3.1.0
Samba Samba 3.0.28
Samba Samba 3.0.16
Samba Samba 3.0.15
Samba Samba 3.0.11
NA
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.5
Samba Samba 3.6.6
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.9
Samba Samba 3.6.10
Samba Samba 3.6.3
Samba Samba 3.6.4
Samba Samba 3.6.11
Samba Samba 3.6.0
Samba Samba 3.6.7
Samba Samba 3.6.8
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 3.5.14
Samba Samba 3.5.13
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.15
Samba Samba 3.4.14
Samba Samba 3.4.7
Samba Samba 3.4.6
NA
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba 3.4.0
Samba Samba 3.4.14
Samba Samba 3.4.5
Samba Samba 3.4.6
Samba Samba 3.3.15
Samba Samba 3.3.16
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.11
Samba Samba 3.2.12
Samba Samba 3.0.14
Samba Samba 3.0.29
Samba Samba 3.0.1
Samba Samba 3.0.0
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.6
1 EDB exploit
2 Nmap scripts
15 Github repositories
NA
CVE-2011-2724
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and previous versions does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab c...
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 2.2.1a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 2.0.10
Samba Samba 2.2.12
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 2.2.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 2.0.1
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 2.2.3a
Samba Samba 3.5.9
NA
CVE-2011-0719
Samba 3.x prior to 3.3.15, 3.4.x prior to 3.4.12, and 3.5.x prior to 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote malicious users to cause a denial of service (stack memory corruption, and infinite loop or daemon cra...
Samba Samba 3.0.28
Samba Samba 3.2.13
Samba Samba 3.0.35
Samba Samba 3.0.18
Samba Samba 3.0.17
Samba Samba 3.0.10
Samba Samba 3.0.13
Samba Samba 3.0.24
Samba Samba 3.0.25
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.2.5
Samba Samba 3.0.27
Samba Samba 3.0.37
Samba Samba 3.0.29
Samba Samba 3.0.15
Samba Samba 3.0.11
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.2a
NA
CVE-2010-2063
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x prior to 3.3.13 allows remote malicious users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a craf...
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
1 EDB exploit
NA
CVE-2010-1635
The chain_reply function in process.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
NA
CVE-2010-1642
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
NA
CVE-2009-3297
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0787, CVE-2010-0788, CVE-2010-0789. Reason: this candidate was intended for one issue in Samba, but it was used for multiple distinct issues, including one in FUSE and one in ncpfs. Notes: All CVE users shoul...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »