Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
1.2
CVSSv2
CVE-2006-1059
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.21c
Samba Samba 3.0.21
4
CVSSv2
CVE-2013-0454
The SMB2 implementation in Samba 3.6.x prior to 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 prior to 1.3.2.3 and 1.4 prior to 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a r...
Canonical Ubuntu Linux 12.04
Samba Samba 3.6.3
Samba Samba 3.6.2
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba
Samba Samba 3.6.4
Ibm Storwize V7000
7.8
CVSSv2
CVE-2014-2855
The check_secret function in authenticate.c in rsync 3.1.0 and previous versions allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
Samba Rsync 2.7.8
Samba Rsync 3.0.5
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 3.0.8
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 3.0.9
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 3.0.3
Samba Rsync 3.0.2
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
8.5
CVSSv2
CVE-2010-0728
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
Samba Samba 3.4.6
Samba Samba 3.5.0
Samba Samba 3.3.11
5
CVSSv2
CVE-2012-0817
Memory leak in smbd in Samba 3.6.x prior to 3.6.3 allows remote malicious users to cause a denial of service (memory and CPU consumption) by making many connection requests.
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba 3.6.2
7.5
CVSSv2
CVE-2008-1720
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote malicious users to execute arbitrary code via unknown vectors.
Samba Rsync 2.7.8
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
Samba Rsync 2.9.0
Samba Rsync 2.8.8
Samba Rsync 2.8.5
Samba Rsync 2.7.2
Samba Rsync 2.9.7
10
CVSSv2
CVE-2001-1162
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba prior to 2.2.0a allows remote malicious users to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
Samba Samba 2.0.9
Samba Samba 2.2.0
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.5
Samba Samba 2.0.6
Hp Cifs-9000 Server A.01.05
Hp Cifs-9000 Server A.01.06
1 EDB exploit
5
CVSSv2
CVE-2004-0807
Samba 3.0.6 and previous versions allows remote malicious users to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Samba Samba 3.0.1
Samba Samba 3.0.2
Sgi Samba 3.0.2
Sgi Samba 3.0.3
Samba Samba 3.0.0
Samba Samba 3.0.6
Sgi Samba 3.0.1
Conectiva Linux 10.0
Conectiva Linux 9.0
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Sgi Samba 3.0.4
Sgi Samba 3.0.5
Samba Samba 3.0.5
Sgi Samba 3.0.6
Sgi Samba 3.0
Mandrakesoft Mandrake Linux 10.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.1
Suse Suse Linux 8.2
6.4
CVSSv2
CVE-2019-10197
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the conte...
Samba Samba 4.11.0
Samba Samba
Samba Samba 4.9.0
Samba Samba 4.10.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
NA
CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Samba Samba
Samba Samba 4.18.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »