Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
294
VMScore
CVE-2011-1678
smbfs in Samba 3.5.8 and previous versions attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the ...
Samba Samba
578
VMScore
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
Samba Samba
169
VMScore
CVE-2009-2948
mount.cifs in Samba 3.0 prior to 3.0.37, 3.2 prior to 3.2.15, 3.3 prior to 3.3.8 and 3.4 prior to 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specify...
Samba Samba
445
VMScore
CVE-2021-23192
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
Samba Samba
187
VMScore
CVE-2008-3789
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.
Samba Samba
1000
VMScore
CVE-2003-0201
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x prior to 2.2.8a, 2.0.10 and previous versions 2.0.x versions, and Samba-TNG prior to 0.3.2, allows remote malicious users to execute arbitrary code.
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.2.1a
Samba Samba 2.2.3a
Samba Samba 2.0.10
Samba Samba 2.0.2
Samba Samba 2.2.0
Samba Samba 2.2.0a
Samba Samba 2.2.7a
Samba Samba 2.2.8
Samba-tng Samba-tng 0.3
Samba-tng Samba-tng 0.3.1
Samba Samba 2.0.5
Samba Samba 2.0.6
Samba Samba 2.0.7
Samba Samba 2.2.4
Samba Samba 2.2.5
Samba Samba 2.0.0
Samba Samba 2.0.1
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.2.6
12 EDB exploits
3 Github repositories
215
VMScore
CVE-2000-0936
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
Samba Samba 2.0.7
1 EDB exploit
445
VMScore
CVE-2000-0939
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote malicious users to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.
Samba Samba 2.0.7
312
VMScore
CVE-2013-0172
Samba 4.0.x prior to 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objec...
Samba Samba 4.0.0
730
VMScore
CVE-2000-0935
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
Samba Samba 2.0.7
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »