Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4138
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 up to and including 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SF...
Samba Samba 3.0.25
Samba Samba 3.0.25a
Samba Samba 3.0.25b
Samba Samba 3.0.25c
NA
CVE-2013-0454
The SMB2 implementation in Samba 3.6.x prior to 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 prior to 1.3.2.3 and 1.4 prior to 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a r...
Canonical Ubuntu Linux 12.04
Samba Samba 3.6.3
Samba Samba 3.6.2
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba
Samba Samba 3.6.4
Ibm Storwize V7000
NA
CVE-2010-0728
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
Samba Samba 3.4.6
Samba Samba 3.5.0
Samba Samba 3.3.11
NA
CVE-2012-0817
Memory leak in smbd in Samba 3.6.x prior to 3.6.3 allows remote malicious users to cause a denial of service (memory and CPU consumption) by making many connection requests.
Samba Samba 3.6.1
Samba Samba 3.6.0
Samba Samba 3.6.2
NA
CVE-2014-2855
The check_secret function in authenticate.c in rsync 3.1.0 and previous versions allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
Samba Rsync 2.7.8
Samba Rsync 3.0.5
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 3.0.8
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 3.0.9
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 3.0.3
Samba Rsync 3.0.2
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
NA
CVE-2008-1720
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote malicious users to execute arbitrary code via unknown vectors.
Samba Rsync 2.7.8
Samba Rsync 2.6.9
Samba Rsync 2.7.1
Samba Rsync 2.7.9
Samba Rsync 3.0.0
Samba Rsync 2.8.9
Samba Rsync 2.7.7
Samba Rsync 2.7.4
Samba Rsync 2.8.2
Samba Rsync 2.7.3
Samba Rsync 2.9.9
Samba Rsync 2.9.8
Samba Rsync 2.8.7
Samba Rsync 2.9.6
Samba Rsync 2.9.3
Samba Rsync 2.8.4
Samba Rsync 2.8.1
Samba Rsync 2.9.0
Samba Rsync 2.8.8
Samba Rsync 2.8.5
Samba Rsync 2.7.2
Samba Rsync 2.9.7
NA
CVE-2001-1162
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba prior to 2.2.0a allows remote malicious users to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
Samba Samba 2.0.9
Samba Samba 2.2.0
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.0.5
Samba Samba 2.0.6
Hp Cifs-9000 Server A.01.05
Hp Cifs-9000 Server A.01.06
1 EDB exploit
NA
CVE-2004-0807
Samba 3.0.6 and previous versions allows remote malicious users to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
Samba Samba 3.0.1
Samba Samba 3.0.2
Sgi Samba 3.0.2
Sgi Samba 3.0.3
Samba Samba 3.0.0
Samba Samba 3.0.6
Sgi Samba 3.0.1
Conectiva Linux 10.0
Conectiva Linux 9.0
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Sgi Samba 3.0.4
Sgi Samba 3.0.5
Samba Samba 3.0.5
Sgi Samba 3.0.6
Sgi Samba 3.0
Mandrakesoft Mandrake Linux 10.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.1
Suse Suse Linux 8.2
9.1
CVSSv3
CVE-2019-10197
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the conte...
Samba Samba 4.11.0
Samba Samba
Samba Samba 4.9.0
Samba Samba 4.10.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
4.3
CVSSv3
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
Samba Samba
Samba Samba 4.18.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »