Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2013-1863
Samba 4.x prior to 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
Samba Samba 4.0.3
Samba Samba 4.0.0
Samba Samba 4.0.2
Samba Samba 4.0.1
534
VMScore
CVE-2009-2813
Samba 3.4 prior to 3.4.2, 3.3 prior to 3.3.8, 3.2 prior to 3.2.15, and 3.0.12 up to and including 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolvi...
Samba Samba 3.4.1
Samba Samba 3.3
Samba Samba 3.3.6
Samba Samba 3.3.7
Samba Samba 3.2.10
Samba Samba 3.2.11
Samba Samba 3.2.13
Samba Samba 3.2.15
Samba Samba 3.0.17
Samba Samba 3.0.18
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
Samba Samba 3.0.31
Samba Samba 3.0.32
Samba Samba 3.3.2
Samba Samba 3.3.3
Samba Samba 3.2.2
Samba Samba 3.2.7
Samba Samba 3.2
520
VMScore
CVE-2016-0128
The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-th...
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows 10 1511
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 -
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
517
VMScore
CVE-2017-12150
It was found that samba prior to 4.4.16, 4.5.x prior to 4.5.14, and 4.6.x prior to 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Samba Samba
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Gluster Storage 3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
516
VMScore
CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which ...
Samba Rsync 3.2.0
Samba Rsync
516
VMScore
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
516
VMScore
CVE-2017-12151
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an malicious user to read or alter the...
Samba Samba
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server Aus 7.4
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Debian Debian Linux 8.0
Hp Cifs Server B.04.05.11.00
516
VMScore
CVE-2013-6442
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x prior to 4.0.16 and 4.1.x prior to 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances by leveragi...
Samba Samba 4.1.1
Samba Samba 4.1.2
Samba Samba 4.1.4
Samba Samba 4.1.5
Samba Samba 4.1.0
Samba Samba 4.1.3
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.4
Samba Samba 4.0.5
Samba Samba 4.0.14
Samba Samba 4.0.15
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.12
Samba Samba 4.0.13
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.10
Samba Samba 4.0.11
Samba Samba 4.0.6
Samba Samba 4.0.7
516
VMScore
CVE-2009-1888
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x prior to 3.0.35, 3.1.x and 3.2.x prior to 3.2.13, and 3.3.x prior to 3.3.6, when dos filemode is enabled, allows remote malicious users to modify access control lists for files via vectors related to read...
Samba Samba
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
505
VMScore
CVE-1999-0811
Buffer overflow in Samba smbd program via a malformed message command.
Samba Samba 2.0.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »