Vulmon
Samba Samba vulnerabilities and exploits
7.5
CVSSv3
CVE-2020-10745
A flaw was found in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4 in the way it processed NetBIOS over TCP/IP. This flaw allows a remote attacker to cause the Samba server to consume excessive CPU, resulting in a denial of service. This highe...
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2020-14303
A flaw was found in the AD DC NBT server in all Samba versions prior to 4.10.17, prior to 4.11.11 and prior to 4.12.4. A Samba user could send an empty UDP packet to cause the Samba server to crash.
Samba Samba
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
7.5
CVSSv3
CVE-2020-10704
A flaw was found when using Samba as an Active Directory Domain Controller. Due to the way Samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from ...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.2
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2018-16860
A flaw was found in Samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man-in-the-middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
7.5
CVSSv3
CVE-2017-2619
Samba versions prior to 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 8.0
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv3
CVE-2018-5764
The parse_arguments function in options.c in rsyncd in rsync prior to 3.1.3 does not prevent multiple --protect-args uses, which allows remote malicious users to bypass an argument-sanitization protection mechanism.
Samba Rsync
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv3
CVE-2015-8467
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x prior to 4.1.22, 4.2.x prior to 4.2.7, and 4.3.x prior to 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authen...
Samba Samba
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
7.5
CVSSv3
CVE-2004-1002
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote malicious users to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
Samba Ppp 2.4.1
Canonical Ubuntu Linux 4.10
7.4
CVSSv3
CVE-2022-29154
An issue exists in rsync prior to 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file ...
Samba Rsync
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2 Github repositories
7.4
CVSSv3
CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates a certificate with a host mismatch. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which ...
Samba Rsync 3.2.0
Samba Rsync