Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2007-0452
smbd in Samba 3.0.6 up to and including 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.
Samba Samba 3.0.14a
Samba Samba 3.0.20
Samba Samba 3.0.23
Samba Samba 3.0.23a
Samba Samba 3.0.9
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.21
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.10
Samba Samba 3.0.11
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.23d
Samba Samba 3.0.6
578
VMScore
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
Samba Samba
578
VMScore
CVE-2021-3738
In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the us...
Samba Samba
578
VMScore
CVE-2020-25718
A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.
Samba Samba
Fedoraproject Fedora 35
578
VMScore
CVE-2020-25722
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
578
VMScore
CVE-2016-2123
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the...
Samba Samba
578
VMScore
CVE-2018-12561
An issue exists in the cantata-mounter D-Bus service in Cantata up to and including 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL.
Cantata Project Cantata
578
VMScore
CVE-2018-1057
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (e...
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Samba Samba
1 Article
578
VMScore
CVE-2012-2111
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x prior to 3.4.17, 3.5.x prior to 3.5.15, and 3.6.x prior to 3.6.5 do not properly restrict modifications to the privileges database, which allows rem...
Samba Samba 3.4.4
Samba Samba 3.4.5
Samba Samba 3.4.12
Samba Samba 3.4.13
Samba Samba 3.4.1
Samba Samba 3.4.2
Samba Samba 3.4.3
Samba Samba 3.4.10
Samba Samba 3.4.11
Samba Samba 3.4.0
Samba Samba 3.4.8
Samba Samba 3.4.9
Samba Samba 3.4.16
Samba Samba 3.4.6
Samba Samba 3.4.7
Samba Samba 3.4.14
Samba Samba 3.4.15
Samba Samba 3.5.2
Samba Samba 3.5.3
Samba Samba 3.5.11
Samba Samba 3.5.12
Samba Samba 3.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »