Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 3.6.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2021-20254
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added t...
Samba Samba
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
4.7
CVSSv3
CVE-2011-3585
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.
Samba Samba 3.6.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
NA
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x prior to 3.6.25, 4.0.x prior to 4.0.25, 4.1.x prior to 4.1.17, and 4.2.x prior to 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote malicious users to execute arbitrary cod...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Samba Samba 4.1.9
Samba Samba 3.6.24
Samba Samba 4.0.14
Samba Samba 3.6.17
Samba Samba 4.0.24
Samba Samba 3.5.1
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 3.5.9
Samba Samba 4.1.14
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 3.5.11
1 EDB exploit
1 Article
NA
CVE-2013-0454
The SMB2 implementation in Samba 3.6.x prior to 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 prior to 1.3.2.3 and 1.4 prior to 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a r...
Canonical Ubuntu Linux 12.04
Samba Samba
Samba Samba 3.6.0
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.3
Samba Samba 3.6.4
Ibm Storwize V7000
NA
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.5.9
Samba Samba 3.2.3
Samba Samba 3.5.7
Samba Samba 3.3.15
Samba Samba 3.4.11
Samba Samba 3.0.2a
Samba Samba 3.0.36
NA
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.10
Samba Samba 3.6.4
Samba Samba 3.6.9
Samba Samba 3.6.11
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.3
Samba Samba 3.6.8
Samba Samba 3.6.7
Samba Samba 3.6.6
Samba Samba 3.6.5
Samba Samba 3.6.0
Samba Samba 4.0.1
Samba Samba 4.0.0
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
NA
CVE-2012-2111
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x prior to 3.4.17, 3.5.x prior to 3.5.15, and 3.6.x prior to 3.6.5 do not properly restrict modifications to the privileges database, which allows rem...
Samba Samba 3.4.2
Samba Samba 3.4.11
Samba Samba 3.4.0
Samba Samba 3.4.7
Samba Samba 3.4.8
Samba Samba 3.4.5
Samba Samba 3.4.6
Samba Samba 3.4.16
Samba Samba 3.4.1
Samba Samba 3.4.12
Samba Samba 3.4.13
Samba Samba 3.4.10
Samba Samba 3.4.4
Samba Samba 3.4.3
Samba Samba 3.4.14
Samba Samba 3.4.9
Samba Samba 3.4.15
Samba Samba 3.5.1
Samba Samba 3.5.9
Samba Samba 3.5.7
Samba Samba 3.5.11
Samba Samba 3.5.6
NA
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3.15
Samba Samba 3.4.11
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.0.28
1 EDB exploit
2 Nmap scripts
16 Github repositories
NA
CVE-2012-0817
Memory leak in smbd in Samba 3.6.x prior to 3.6.3 allows remote malicious users to cause a denial of service (memory and CPU consumption) by making many connection requests.
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started