Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 3.0.25a vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2007-4138
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 up to and including 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SF...
Samba Samba 3.0.25
Samba Samba 3.0.25a
Samba Samba 3.0.25b
Samba Samba 3.0.25c
828
VMScore
CVE-2007-5398
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 up to and including 3.0.26a, when operating as a WINS server, allows remote malicious users to execute arbitrary code via crafted WINS Name Registration requests followe...
Samba Samba 3.0.1
Samba Samba 3.0.10
Samba Samba 3.0.16
Samba Samba 3.0.17
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.23d
Samba Samba 3.0.24
Samba Samba 3.0.25a
Samba Samba 3.0.25b
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.11
Samba Samba 3.0.12
Samba Samba 3.0.18
Samba Samba 3.0.19
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
828
VMScore
CVE-2007-4572
Stack-based buffer overflow in nmbd in Samba 3.0.0 up to and including 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote malicious users to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server request...
Samba Samba 3.0.11
Samba Samba 3.0.12
Samba Samba 3.0.18
Samba Samba 3.0.19
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
Samba Samba 3.0.26a
Samba Samba 3.0.7
Samba Samba 3.0.8
Samba Samba 3.0.0
Samba Samba 3.0.14a
Samba Samba 3.0.15
Samba Samba 3.0.20b
Samba Samba 3.0.21
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.4
Samba Samba 3.0.1
Samba Samba 3.0.10
935
VMScore
CVE-2007-6015
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 up to and including 3.0.27a, when the "domain logons" option is enabled, allows remote malicious users to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string...
Samba Samba 2.0.1
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.2.3
Samba Samba 2.2.3a
Samba Samba 2.2.8a
Samba Samba 2.2.9
Samba Samba 3.0.13
Samba Samba 3.0.14
Samba Samba 3.0.21b
Samba Samba 3.0.21c
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
Samba Samba 2.0.3
Samba Samba 2.0.4
Samba Samba 2.2.0a
Samba Samba 2.2.11
Samba Samba 2.2.6
Samba Samba 2.2.7
Samba Samba 3.0.1
Samba Samba 3.0.10
1 EDB exploit
534
VMScore
CVE-2009-2813
Samba 3.4 prior to 3.4.2, 3.3 prior to 3.3.8, 3.2 prior to 3.2.15, and 3.0.12 up to and including 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolvi...
Samba Samba 3.4.1
Samba Samba 3.3
Samba Samba 3.3.6
Samba Samba 3.3.7
Samba Samba 3.2.10
Samba Samba 3.2.11
Samba Samba 3.2.13
Samba Samba 3.2.15
Samba Samba 3.0.17
Samba Samba 3.0.18
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.0.25
Samba Samba 3.0.25c
Samba Samba 3.0.26
Samba Samba 3.0.31
Samba Samba 3.0.32
Samba Samba 3.3.2
Samba Samba 3.3.3
Samba Samba 3.2.2
Samba Samba 3.2.7
Samba Samba 3.2
187
VMScore
CVE-2010-0547
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and previous versions does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
Samba Samba 3.0.14a
Samba Samba 2.2.1a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 2.2.12
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 2.2.3a
Samba Samba 3.2.3
Samba Samba 1.9.18
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
445
VMScore
CVE-2010-1635
The chain_reply function in process.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
445
VMScore
CVE-2010-1642
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
445
VMScore
CVE-2011-0719
Samba 3.x prior to 3.3.15, 3.4.x prior to 3.4.12, and 3.5.x prior to 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote malicious users to cause a denial of service (stack memory corruption, and infinite loop or daemon cra...
Samba Samba 3.0.28
Samba Samba 3.2.13
Samba Samba 3.0.35
Samba Samba 3.0.18
Samba Samba 3.0.17
Samba Samba 3.0.10
Samba Samba 3.0.13
Samba Samba 3.0.24
Samba Samba 3.0.25
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.2.5
Samba Samba 3.0.27
Samba Samba 3.0.37
Samba Samba 3.0.29
Samba Samba 3.0.15
Samba Samba 3.0.11
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.2a
1000
VMScore
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba 3.4.0
Samba Samba 3.4.14
Samba Samba 3.4.5
Samba Samba 3.4.6
Samba Samba 3.3.15
Samba Samba 3.3.16
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.11
Samba Samba 3.2.12
Samba Samba 3.0.14
Samba Samba 3.0.29
Samba Samba 3.0.1
Samba Samba 3.0.0
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.6
1 EDB exploit
2 Nmap scripts
16 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »