Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 4.0.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-16851
Samba from version 4.0.0 and prior to 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB...
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-14629
A denial of service vulnerability exists in Samba's LDAP server prior to 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Samba Samba
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2016-2126
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with...
Samba Samba
5.9
CVSSv3
CVE-2016-0771
The internal DNS server in Samba 4.x prior to 4.1.23, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, and 4.4.x prior to 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information...
Samba Samba 4.3.4
Samba Samba 4.3.3
Samba Samba 4.2.6
Samba Samba 4.2.5
Samba Samba 4.2.0
Samba Samba 4.1.21
Samba Samba 4.1.20
Samba Samba 4.1.14
Samba Samba 4.1.13
Samba Samba 4.0.8
Samba Samba 4.0.7
Samba Samba 4.0.6
Samba Samba 4.0.21
Samba Samba 4.0.20
Samba Samba 4.0.14
Samba Samba 4.0.13
Samba Samba 4.4.0
Samba Samba 4.1.22
Samba Samba 4.3.2
Samba Samba 4.2.2
Samba Samba 4.2.1
Samba Samba 4.1.6
4.9
CVSSv3
CVE-2019-14847
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x prior to 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
Samba Samba
Opensuse Leap 15.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
NA
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x prior to 3.6.25, 4.0.x prior to 4.0.25, 4.1.x prior to 4.1.17, and 4.2.x prior to 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote malicious users to execute arbitrary cod...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Samba Samba 4.1.9
Samba Samba 3.6.24
Samba Samba 4.0.14
Samba Samba 3.6.17
Samba Samba 4.0.24
Samba Samba 3.5.1
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 3.5.9
Samba Samba 4.1.14
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 3.5.11
1 EDB exploit
1 Article
NA
CVE-2014-8143
Samba 4.0.x prior to 4.0.24, 4.1.x prior to 4.1.16, and 4.2.x prior to 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by l...
Samba Samba 4.0.12
Samba Samba 4.0.13
Samba Samba 4.0.14
Samba Samba 4.0.20
Samba Samba 4.0.21
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.17
Samba Samba 4.0.18
Samba Samba 4.0.3
Samba Samba 4.0.4
Samba Samba 4.1.1
Samba Samba 4.1.10
Samba Samba 4.1.4
Samba Samba 4.1.5
Samba Samba 4.2.0
Samba Samba 4.0.7
Samba Samba 4.0.8
Samba Samba 4.1.14
Samba Samba 4.1.15
Samba Samba 4.1.8
Samba Samba 4.1.9
NA
CVE-2014-3560
NetBIOS name services daemon (nmbd) in Samba 4.0.x prior to 4.0.21 and 4.1.x prior to 4.1.11 allows remote malicious users to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in str...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 14.04
Samba Samba 4.1.9
Samba Samba 4.1.7
Samba Samba 4.1.8
Samba Samba 4.1.5
Samba Samba 4.1.6
Samba Samba 4.1.4
Samba Samba 4.1.0
Samba Samba 4.1.10
Samba Samba 4.1.2
Samba Samba 4.1.3
Samba Samba 4.1.1
Samba Samba 4.0.14
Samba Samba 4.0.2
Samba Samba 4.0.11
Samba Samba 4.0.3
Samba Samba 4.0.16
Samba Samba 4.0.13
Samba Samba 4.0.17
Samba Samba 4.0.6
NA
CVE-2013-6442
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x prior to 4.0.16 and 4.1.x prior to 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances by leveragi...
Samba Samba 4.1.1
Samba Samba 4.1.2
Samba Samba 4.1.4
Samba Samba 4.1.5
Samba Samba 4.1.0
Samba Samba 4.1.3
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.4
Samba Samba 4.0.5
Samba Samba 4.0.14
Samba Samba 4.0.15
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.12
Samba Samba 4.0.13
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.10
Samba Samba 4.0.11
Samba Samba 4.0.6
Samba Samba 4.0.7
NA
CVE-2013-4476
Samba 4.0.x prior to 4.0.11 and 4.1.x prior to 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on ...
Samba Samba 4.0.10
Samba Samba 4.0.1
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.6
Samba Samba 4.0.7
Samba Samba 4.0.0
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.1.0
Samba Samba 4.0.4
Samba Samba 4.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »