Vulmon
samba vulnerabilities and exploits
7.5
CVSSv2
CVE-2022-26723
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.
Apple Macos
7.5
CVSSv2
CVE-2021-27185
The samba-client package prior to 4.0.0 for Node.js allows command injection because of the use of process.exec.
Samba-client Project Samba-client
7.5
CVSSv2
CVE-2017-17434
The daemon in rsync 3.1.2, and 3.1.3-development prior to 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "...
Samba Rsync
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2017-16548
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly ha...
Samba Rsync
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv2
CVE-2017-15994
rsync 3.1.3-development prior to 2017-10-24 mishandles archaic checksums, which makes it easier for remote malicious users to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied fo...
Samba Rsync
7.5
CVSSv2
CVE-2010-3069
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba prior to 3.5.5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
7.5
CVSSv2
CVE-2010-2063
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x prior to 3.3.13 allows remote malicious users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a craf...
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-1105
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 up to and including 3.0.29 allows remote malicious users to execute arbitrary code via a crafted SMB response.
Samba Samba
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-1720
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote malicious users to execute arbitrary code via unknown vectors.
Samba Rsync 2.7.8
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
Samba Rsync 2.9.0
Samba Rsync 2.8.8
Samba Rsync 2.8.5
Samba Rsync 2.7.2
Samba Rsync 2.9.7
7.5
CVSSv2
CVE-2007-0454
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 up to and including 3.0.23d allows context-dependent malicious users to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL...
Samba Samba 3.0.14
Samba Samba 3.0.14a
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.9
Samba Samba 3.0.20
Samba Samba 3.0.20a
Samba Samba 3.0.23d
Samba Samba 3.0.6
Samba Samba 3.0.10
Samba Samba 3.0.11
Samba Samba 3.0.20b
Samba Samba 3.0.21
Samba Samba 3.0.7
Samba Samba 3.0.8
Debian Debian Linux 3.0
Debian Debian Linux 3.1
Mandrakesoft Mandrake Linux 2006