samba vulnerabilities and exploits
6
CVSSv2
CVE-2015-8467
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x prior to 4.1.22, 4.2.x prior to 4.2.7, and 4.3.x prior to 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authen...
Samba Samba
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
6
CVSSv2
CVE-2013-1863
Samba 4.x prior to 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
Samba Samba 4.0.3
Samba Samba 4.0.0
Samba Samba 4.0.2
Samba Samba 4.0.1
6
CVSSv2
CVE-2009-2813
Samba 3.4 prior to 3.4.2, 3.3 prior to 3.3.8, 3.2 prior to 3.2.15, and 3.0.12 up to and including 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolvi...
Samba Samba 3.4.1
Samba Samba 3.3
Samba Samba 3.3.6
Samba Samba 3.3.7
Samba Samba 3.2.10
Samba Samba 3.2.11
Samba Samba 3.2.13
Samba Samba 3.2.15
Samba Samba 3.0.17
Samba Samba 3.0.18
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
Samba Samba 3.0.31
Samba Samba 3.0.32
Samba Samba 3.3.2
Samba Samba 3.3.3
Samba Samba 3.2.2
Samba Samba 3.2.7
Samba Samba 3.2
6
CVSSv2
CVE-2007-2447
The MS-RPC functionality in smbd in Samba 3.0.0 up to and including 3.0.25rc3 allows remote malicious users to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, a...
Samba Samba 3.0.13
Samba Samba 3.0.14
Samba Samba 3.0.2
Samba Samba 3.0.20
Samba Samba 3.0.22
Samba Samba 3.0.23
Samba Samba 3.0.23a
Samba Samba 3.0.25
Samba Samba 3.0.6
Samba Samba 3.0.7
Samba Samba 3.0.0
Samba Samba 3.0.14a
Samba Samba 3.0.15
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.2a
Samba Samba 3.0.8
Samba Samba 3.0.9
Samba Samba 3.0.11
Samba Samba 3.0.12
1 EDB exploit
45 Github repositories
5.8
CVSSv2
CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which ...
Samba Rsync 3.2.0
Samba Rsync
5.8
CVSSv2
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2017-12151
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing a malicious user to read or alter the...
Samba Samba
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server Aus 7.4
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Debian Debian Linux 8.0
Hp Cifs Server B.04.05.11.00
5.8
CVSSv2
CVE-2017-12150
It was found that samba prior to 4.4.16, 4.5.x prior to 4.5.14, and 4.6.x prior to 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Samba Samba
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Gluster Storage 3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2016-0128
The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-th...
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows 10 1511
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 -
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
5.8
CVSSv2
CVE-2013-6442
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x prior to 4.0.16 and 4.1.x prior to 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote malicious users to bypass intended access restrictions in opportunistic circumstances by leveragi...
Samba Samba 4.1.1
Samba Samba 4.1.2
Samba Samba 4.1.4
Samba Samba 4.1.5
Samba Samba 4.1.0
Samba Samba 4.1.3
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 4.0.4
Samba Samba 4.0.5
Samba Samba 4.0.14
Samba Samba 4.0.15
Samba Samba 4.0.2
Samba Samba 4.0.3
Samba Samba 4.0.12
Samba Samba 4.0.13
Samba Samba 4.0.8
Samba Samba 4.0.9
Samba Samba 4.0.10
Samba Samba 4.0.11
Samba Samba 4.0.6
Samba Samba 4.0.7