Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2000-0935
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
Samba Samba 2.0.7
2 EDB exploits
2.1
CVSSv2
CVE-2000-0936
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
Samba Samba 2.0.7
1 EDB exploit
5
CVSSv2
CVE-2000-0938
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote malicious users to identify valid users on the server.
Samba Samba 2.0.7
5
CVSSv2
CVE-2000-0939
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote malicious users to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.
Samba Samba 2.0.7
3.5
CVSSv2
CVE-2013-0172
Samba 4.0.x prior to 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objec...
Samba Samba 4.0.0
7.2
CVSSv2
CVE-2007-2444
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d up to and including 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
Samba Samba 3.0.25
Samba Samba 3.0.24
Samba Samba 3.0.23d
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
7.2
CVSSv2
CVE-2004-0186
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
Samba Samba 3.0.0
Samba Samba 2.0
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6 Test9 Cvs
1 EDB exploit
NA
CVE-2022-1615
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
Samba Samba
Fedoraproject Fedora 37
5.8
CVSSv2
CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which ...
Samba Rsync 3.2.0
Samba Rsync
7.5
CVSSv2
CVE-2021-27185
The samba-client package prior to 4.0.0 for Node.js allows command injection because of the use of process.exec.
Samba-client Project Samba-client
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »