Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-0239
The internal DNS server in Samba 4.x prior to 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) via a forged response pack...
Samba Samba
6.5
CVSSv2
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
Samba Samba
2.1
CVSSv2
CVE-2008-3789
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.
Samba Samba
1.9
CVSSv2
CVE-2009-2948
mount.cifs in Samba 3.0 prior to 3.0.37, 3.2 prior to 3.2.15, 3.3 prior to 3.3.8 and 3.4 prior to 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specify...
Samba Samba
3.3
CVSSv2
CVE-2018-1140
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards ...
Samba Samba
10
CVSSv2
CVE-2003-0201
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x prior to 2.2.8a, 2.0.10 and previous versions 2.0.x versions, and Samba-TNG prior to 0.3.2, allows remote malicious users to execute arbitrary code.
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.2.1a
Samba Samba 2.2.3a
Samba Samba 2.0.10
Samba Samba 2.0.2
Samba Samba 2.2.0
Samba Samba 2.2.0a
Samba Samba 2.2.7a
Samba Samba 2.2.8
Samba-tng Samba-tng 0.3
Samba-tng Samba-tng 0.3.1
Samba Samba 2.0.5
Samba Samba 2.0.6
Samba Samba 2.0.7
Samba Samba 2.2.4
Samba Samba 2.2.5
Samba Samba 2.0.0
Samba Samba 2.0.1
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.2.6
12 EDB exploits
3 Github repositories
10
CVSSv2
CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon (nmbd).
Samba Samba 2.0.5
5
CVSSv2
CVE-1999-0811
Buffer overflow in Samba smbd program via a malformed message command.
Samba Samba 2.0.4
1 EDB exploit
7.6
CVSSv2
CVE-1999-0812
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
Samba Samba 2.0.5
7.2
CVSSv2
CVE-2000-0935
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
Samba Samba 2.0.7
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »