Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
Samba Samba
Samba Samba 4.18.0
NA
CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Samba Samba
Samba Samba 4.18.0
10
CVSSv2
CVE-2004-0882
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x up to and including 3.0.7 may allow remote malicious users to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Samba Samba 3.0.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.7
Conectiva Linux 10.0
Samba Samba 3.0.4
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Ubuntu Ubuntu Linux 4.1
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
7.5
CVSSv2
CVE-2004-0082
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password.
Samba Samba 3.0.1
Samba Samba 3.0.0
5
CVSSv2
CVE-2004-0930
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
Samba Samba 3.0.7
Sgi Samba 3.0.1
Sgi Samba 3.0
Conectiva Linux 10.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Sgi Samba 3.0.6
Sgi Samba 3.0.7
Samba Samba 3.0.0
Sgi Samba 3.0.2
Sgi Samba 3.0.3
Samba Samba 3.0.3
Samba Samba 3.0.4
Sgi Samba 3.0.4
Sgi Samba 3.0.5
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Fedora Core Core 3.0
Gentoo Linux
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
5.1
CVSSv2
CVE-2011-1097
rsync 3.x prior to 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Samba Rsync 3.0.5
Samba Rsync 3.0.0
Samba Rsync 3.0.3
Samba Rsync 3.0.2
Samba Rsync 3.0.7
Samba Rsync 3.0.4
Samba Rsync 3.0.1
Samba Rsync 3.0.6
10
CVSSv2
CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
1 EDB exploit
10
CVSSv2
CVE-2003-0196
Multiple buffer overflows in Samba prior to 2.2.8a may allow remote malicious users to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
Samba-tng Samba-tng 0.3
Samba-tng Samba-tng 0.3.1
Samba Samba 2.0.5
Samba Samba 2.0.6
Samba Samba 2.2.3
Samba Samba 2.2.3a
Samba Samba 2.0.0
Samba Samba 2.0.1
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.2.4
Samba Samba 2.2.5
Samba Samba 2.0.10
Samba Samba 2.0.2
Samba Samba 2.2.0
Samba Samba 2.2.0a
Samba Samba 2.2.6
Samba Samba 2.2.7
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.2.1a
4
CVSSv2
CVE-2009-2906
smbd in Samba 3.0 prior to 3.0.37, 3.2 prior to 3.2.15, 3.3 prior to 3.3.8, and 3.4 prior to 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
Samba Samba 3.4.0
Samba Samba 3.4.1
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
NA
CVE-2022-32746
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAc...
Samba Samba
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »