Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
107
VMScore
CVE-2006-1059
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.21c
Samba Samba 3.0.21
356
VMScore
CVE-2013-0454
The SMB2 implementation in Samba 3.6.x prior to 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 prior to 1.3.2.3 and 1.4 prior to 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a r...
Canonical Ubuntu Linux 12.04
Samba Samba 3.6.3
Samba Samba 3.6.2
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba
Samba Samba 3.6.4
Ibm Storwize V7000
694
VMScore
CVE-2014-2855
The check_secret function in authenticate.c in rsync 3.1.0 and previous versions allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
Samba Rsync 2.7.8
Samba Rsync 3.0.5
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 3.0.8
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 3.0.9
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 3.0.3
Samba Rsync 3.0.2
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
445
VMScore
CVE-2012-0817
Memory leak in smbd in Samba 3.6.x prior to 3.6.3 allows remote malicious users to cause a denial of service (memory and CPU consumption) by making many connection requests.
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba 3.6.2
756
VMScore
CVE-2010-0728
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
Samba Samba 3.4.6
Samba Samba 3.5.0
Samba Samba 3.3.11
668
VMScore
CVE-2008-1720
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote malicious users to execute arbitrary code via unknown vectors.
Samba Rsync 2.7.8
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
Samba Rsync 2.9.0
Samba Rsync 2.8.8
Samba Rsync 2.8.5
Samba Rsync 2.7.2
Samba Rsync 2.9.7
1000
VMScore
CVE-2001-1162
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba prior to 2.2.0a allows remote malicious users to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
Samba Samba 2.0.9
Samba Samba 2.2.0
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.5
Samba Samba 2.0.6
Hp Cifs-9000 Server A.01.05
Hp Cifs-9000 Server A.01.06
1 EDB exploit
445
VMScore
CVE-2004-0807
Samba 3.0.6 and previous versions allows remote malicious users to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Samba Samba 3.0.1
Samba Samba 3.0.2
Sgi Samba 3.0.2
Sgi Samba 3.0.3
Samba Samba 3.0.0
Samba Samba 3.0.6
Sgi Samba 3.0.1
Conectiva Linux 10.0
Conectiva Linux 9.0
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Sgi Samba 3.0.4
Sgi Samba 3.0.5
Samba Samba 3.0.5
Sgi Samba 3.0.6
Sgi Samba 3.0
Mandrakesoft Mandrake Linux 10.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.1
Suse Suse Linux 8.2
570
VMScore
CVE-2019-10197
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the conte...
Samba Samba 4.11.0
Samba Samba
Samba Samba 4.9.0
Samba Samba 4.10.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
NA
CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Samba Samba
Samba Samba 4.18.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »