Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
Samba Samba
Samba Samba 4.18.0
NA
CVE-2023-0922
The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.
Samba Samba
Samba Samba 4.18.0
10
CVSSv2
CVE-2004-0882
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x up to and including 3.0.7 may allow remote malicious users to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Samba Samba 3.0.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.7
Conectiva Linux 10.0
Samba Samba 3.0.4
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Ubuntu Ubuntu Linux 4.1
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
7.5
CVSSv2
CVE-2004-0082
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password.
Samba Samba 3.0.1
Samba Samba 3.0.0
5
CVSSv2
CVE-2004-0930
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
Samba Samba 3.0.7
Sgi Samba 3.0.1
Sgi Samba 3.0
Conectiva Linux 10.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Sgi Samba 3.0.6
Sgi Samba 3.0.7
Samba Samba 3.0.0
Sgi Samba 3.0.2
Sgi Samba 3.0.3
Samba Samba 3.0.3
Samba Samba 3.0.4
Sgi Samba 3.0.4
Sgi Samba 3.0.5
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Fedora Core Core 3.0
Gentoo Linux
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
10
CVSSv2
CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
1 EDB exploit
5.1
CVSSv2
CVE-2011-1097
rsync 3.x prior to 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
Samba Rsync 3.0.5
Samba Rsync 3.0.0
Samba Rsync 3.0.3
Samba Rsync 3.0.2
Samba Rsync 3.0.7
Samba Rsync 3.0.4
Samba Rsync 3.0.1
Samba Rsync 3.0.6
10
CVSSv2
CVE-2003-0196
Multiple buffer overflows in Samba prior to 2.2.8a may allow remote malicious users to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
Samba-tng Samba-tng 0.3
Samba-tng Samba-tng 0.3.1
Samba Samba 2.0.5
Samba Samba 2.0.6
Samba Samba 2.2.3
Samba Samba 2.2.3a
Samba Samba 2.0.0
Samba Samba 2.0.1
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.2.4
Samba Samba 2.2.5
Samba Samba 2.0.10
Samba Samba 2.0.2
Samba Samba 2.2.0
Samba Samba 2.2.0a
Samba Samba 2.2.6
Samba Samba 2.2.7
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.2.1a
4
CVSSv2
CVE-2009-2906
smbd in Samba 3.0 prior to 3.0.37, 3.2 prior to 3.2.15, 3.3 prior to 3.3.8, and 3.4 prior to 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
Samba Samba 3.4.0
Samba Samba 3.4.1
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
6.5
CVSSv2
CVE-2021-3738
In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the us...
Samba Samba
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »