Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 4.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1863
Samba 4.x prior to 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.1
Samba Samba 4.0.0
NA
CVE-2013-4476
Samba 4.0.x prior to 4.0.11 and 4.1.x prior to 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on ...
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.6
Samba Samba 4.0.10
Samba Samba 4.0.7
Samba Samba 4.1.0
Samba Samba 4.0.1
Samba Samba 4.0.8
Samba Samba 4.0.0
Samba Samba 4.0.5
Samba Samba 4.0.4
Samba Samba 4.0.9
NA
CVE-2013-0172
Samba 4.0.x prior to 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objec...
Samba Samba 4.0.0
NA
CVE-2013-6442
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x prior to 4.0.16 and 4.1.x prior to 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances by leveragi...
Samba Samba 4.1.5
Samba Samba 4.1.4
Samba Samba 4.1.0
Samba Samba 4.1.2
Samba Samba 4.1.3
Samba Samba 4.1.1
Samba Samba 4.0.14
Samba Samba 4.0.2
Samba Samba 4.0.11
Samba Samba 4.0.3
Samba Samba 4.0.13
Samba Samba 4.0.6
Samba Samba 4.0.10
Samba Samba 4.0.7
Samba Samba 4.0.1
Samba Samba 4.0.8
Samba Samba 4.0.0
Samba Samba 4.0.5
Samba Samba 4.0.12
Samba Samba 4.0.4
Samba Samba 4.0.15
Samba Samba 4.0.9
NA
CVE-2014-3560
NetBIOS name services daemon (nmbd) in Samba 4.0.x prior to 4.0.21 and 4.1.x prior to 4.1.11 allows remote malicious users to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in str...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 14.04
Samba Samba 4.1.9
Samba Samba 4.1.7
Samba Samba 4.1.8
Samba Samba 4.1.5
Samba Samba 4.1.6
Samba Samba 4.1.4
Samba Samba 4.1.0
Samba Samba 4.1.10
Samba Samba 4.1.2
Samba Samba 4.1.3
Samba Samba 4.1.1
Samba Samba 4.0.14
Samba Samba 4.0.2
Samba Samba 4.0.11
Samba Samba 4.0.3
Samba Samba 4.0.16
Samba Samba 4.0.13
Samba Samba 4.0.17
Samba Samba 4.0.6
NA
CVE-2014-8143
Samba 4.0.x prior to 4.0.24, 4.1.x prior to 4.1.16, and 4.2.x prior to 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by l...
Samba Samba 4.1.9
Samba Samba 4.0.14
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 4.1.14
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 4.0.21
Samba Samba 4.0.16
Samba Samba 4.1.8
Samba Samba 4.0.13
Samba Samba 4.1.5
Samba Samba 4.1.6
Samba Samba 4.0.17
Samba Samba 4.0.6
Samba Samba 4.0.19
Samba Samba 4.1.11
Samba Samba 4.0.10
Samba Samba 4.1.4
5.9
CVSSv3
CVE-2016-0771
The internal DNS server in Samba 4.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, and 4.4.x prior to 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information...
Samba Samba 4.2.6
Samba Samba 4.1.9
Samba Samba 4.4.0
Samba Samba 4.0.14
Samba Samba 4.0.24
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 4.1.14
Samba Samba 4.0.22
Samba Samba 4.2.1
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.1.22
Samba Samba 4.0.3
Samba Samba 4.3.0
Samba Samba 4.0.21
Samba Samba 4.0.16
Samba Samba 4.1.8
Samba Samba 4.2.4
Samba Samba 4.0.13
NA
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x prior to 3.6.25, 4.0.x prior to 4.0.25, 4.1.x prior to 4.1.17, and 4.2.x prior to 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote malicious users to execute arbitrary cod...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Samba Samba 4.1.9
Samba Samba 3.6.24
Samba Samba 4.0.14
Samba Samba 3.6.17
Samba Samba 4.0.24
Samba Samba 3.5.1
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 3.5.9
Samba Samba 4.1.14
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 3.5.11
1 EDB exploit
1 Article
NA
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.5.9
Samba Samba 3.2.3
Samba Samba 3.5.7
Samba Samba 3.3.15
Samba Samba 3.4.11
Samba Samba 3.0.2a
Samba Samba 3.0.36
NA
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.10
Samba Samba 3.6.4
Samba Samba 3.6.9
Samba Samba 3.6.11
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.3
Samba Samba 3.6.8
Samba Samba 3.6.7
Samba Samba 3.6.6
Samba Samba 3.6.5
Samba Samba 3.6.0
Samba Samba 4.0.1
Samba Samba 4.0.0
Samba Samba 3.0.19
Samba Samba 3.0.23
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »