Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
Linksys Ea6500 Firmware -
10
CVSSv2
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
124 Github repositories
3 Articles
10
CVSSv2
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x prior to 3.6.25, 4.0.x prior to 4.0.25, 4.1.x prior to 4.1.17, and 4.2.x prior to 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote malicious users to execute arbitrary cod...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Samba Samba 4.1.9
Samba Samba 3.6.24
Samba Samba 4.0.14
Samba Samba 3.6.17
Samba Samba 4.0.24
Samba Samba 3.5.1
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 3.5.9
Samba Samba 4.1.14
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 3.5.11
1 EDB exploit
1 Article
10
CVSSv2
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba 3.4.0
Samba Samba 3.4.14
Samba Samba 3.4.5
Samba Samba 3.4.6
Samba Samba 3.3.15
Samba Samba 3.3.16
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.11
Samba Samba 3.2.12
Samba Samba 3.0.14
Samba Samba 3.0.29
Samba Samba 3.0.1
Samba Samba 3.0.0
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.6
1 EDB exploit
2 Nmap scripts
16 Github repositories
10
CVSSv2
CVE-2011-1018
logwatch.pl in Logwatch 7.3.6 allows remote malicious users to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
Logwatch Logwatch 7.3.6
1 EDB exploit
10
CVSSv2
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 up to and including 3.0.25rc3 allow remote malicious users to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_typ...
Samba Samba 3.0.14
Samba Samba 3.0.14a
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.23a
Samba Samba 3.0.23b
Samba Samba 3.0.25
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.15
Samba Samba 3.0.16
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.2a
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.2
Samba Samba 3.0.20
Samba Samba 3.0.22
Samba Samba 3.0.23
4 EDB exploits
3 Github repositories
10
CVSSv2
CVE-2004-0882
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x up to and including 3.0.7 may allow remote malicious users to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Samba Samba 3.0.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.7
Conectiva Linux 10.0
Samba Samba 3.0.4
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Ubuntu Ubuntu Linux 4.1
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
10
CVSSv2
CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x up to and including 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that...
Samba Samba 2.0.0
Samba Samba 2.0.6
Samba Samba 2.0.7
Samba Samba 2.2.1a
Samba Samba 2.2.2
Samba Samba 2.2.3
Samba Samba 2.2.8
Samba Samba 2.2.8a
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 2.0.1
Samba Samba 2.0.10
Samba Samba 2.0.8
Samba Samba 2.0.9
Samba Samba 2.2.3a
Samba Samba 2.2.4
Samba Samba 2.2.9
Samba Samba 2.2a
Samba Samba 3.0.4
Samba Samba 2.0.4
Samba Samba 2.0.5
Samba Samba 2.2.11
10
CVSSv2
CVE-2004-0214
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated us...
Microsoft Internet Explorer 6.0.2900
Microsoft Windows 2000
Microsoft Windows Xp
Microsoft Windows Me
Microsoft Windows 98
1 EDB exploit
10
CVSSv2
CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote malicious users to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Samba Samba 3.0.2
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.4
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »