Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samba samba 3.5.0 vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2010-0728
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
Samba Samba 3.4.6
Samba Samba 3.5.0
Samba Samba 3.3.11
361
VMScore
CVE-2010-0926
The default configuration of smbd in Samba prior to 3.3.11, 3.4.x prior to 3.4.6, and 3.5.x prior to 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command...
Samba Samba 3.3.3
Samba Samba 3.4.2
Samba Samba 3.4.0
Samba Samba 3.3.9
Samba Samba 3.4.5
Samba Samba 3.3.4
Samba Samba 3.3.7
Samba Samba 3.4.1
Samba Samba 3.3.1
Samba Samba 3.3.0
Samba Samba 3.3.6
Samba Samba 3.5.0
Samba Samba 3.3.2
Samba Samba 3.4.4
Samba Samba 3.4.3
Samba Samba 3.3.8
Samba Samba 3.3.5
Samba Samba 3.3.10
2 EDB exploits
2 Github repositories
578
VMScore
CVE-2012-2111
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x prior to 3.4.17, 3.5.x prior to 3.5.15, and 3.6.x prior to 3.6.5 do not properly restrict modifications to the privileges database, which allows rem...
Samba Samba 3.4.4
Samba Samba 3.4.5
Samba Samba 3.4.12
Samba Samba 3.4.13
Samba Samba 3.4.1
Samba Samba 3.4.2
Samba Samba 3.4.3
Samba Samba 3.4.10
Samba Samba 3.4.11
Samba Samba 3.4.0
Samba Samba 3.4.8
Samba Samba 3.4.9
Samba Samba 3.4.16
Samba Samba 3.4.6
Samba Samba 3.4.7
Samba Samba 3.4.14
Samba Samba 3.4.15
Samba Samba 3.5.2
Samba Samba 3.5.3
Samba Samba 3.5.11
Samba Samba 3.5.12
Samba Samba 3.5.0
445
VMScore
CVE-2010-1635
The chain_reply function in process.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
445
VMScore
CVE-2010-1642
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba prior to 3.4.8 and 3.5.x prior to 3.5.2 allows remote malicious users to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup ...
Samba Samba 3.0.19
Samba Samba 3.0.14a
Samba Samba 3.0.27
Samba Samba 3.0.31
Samba Samba 3.0.3
Samba Samba 3.0.8
Samba Samba 3.2.15
Samba Samba 3.3.3
Samba Samba 3.5.1
Samba Samba 3.0.29
Samba Samba 3.0.25
Samba Samba 3.0.25b
Samba Samba 3.2.5
Samba Samba 3.4.2
Samba Samba 3.2.3
Samba Samba 3.3
Samba Samba 3.0.2a
Samba Samba 3.0.36
Samba Samba 3.4.0
Samba Samba 3.2.4
Samba Samba 3.0.5
Samba Samba 3.3.9
445
VMScore
CVE-2011-0719
Samba 3.x prior to 3.3.15, 3.4.x prior to 3.4.12, and 3.5.x prior to 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote malicious users to cause a denial of service (stack memory corruption, and infinite loop or daemon cra...
Samba Samba 3.0.28
Samba Samba 3.2.13
Samba Samba 3.0.35
Samba Samba 3.0.18
Samba Samba 3.0.17
Samba Samba 3.0.10
Samba Samba 3.0.13
Samba Samba 3.0.24
Samba Samba 3.0.25
Samba Samba 3.0.21c
Samba Samba 3.0.22
Samba Samba 3.2.5
Samba Samba 3.0.27
Samba Samba 3.0.37
Samba Samba 3.0.29
Samba Samba 3.0.15
Samba Samba 3.0.11
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.21a
Samba Samba 3.0.21b
Samba Samba 3.0.2a
1000
VMScore
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x prior to 3.6.25, 4.0.x prior to 4.0.25, 4.1.x prior to 4.1.17, and 4.2.x prior to 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote malicious users to execute arbitrary cod...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
Samba Samba 4.1.9
Samba Samba 3.6.24
Samba Samba 4.0.14
Samba Samba 3.6.17
Samba Samba 4.0.24
Samba Samba 3.5.1
Samba Samba 4.1.16
Samba Samba 4.1.12
Samba Samba 4.0.2
Samba Samba 4.2.0
Samba Samba 3.5.9
Samba Samba 4.1.14
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 4.0.22
Samba Samba 4.0.11
Samba Samba 4.1.7
Samba Samba 4.0.3
Samba Samba 3.5.11
1 EDB exploit
1 Article
1000
VMScore
CVE-2012-1182
The RPC code generator in Samba 3.x prior to 3.4.16, 3.5.x prior to 3.5.14, and 3.6.x prior to 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote malicious users to execute arbitrary code v...
Samba Samba 3.4.0
Samba Samba 3.4.14
Samba Samba 3.4.5
Samba Samba 3.4.6
Samba Samba 3.3.15
Samba Samba 3.3.16
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.11
Samba Samba 3.2.12
Samba Samba 3.0.14
Samba Samba 3.0.29
Samba Samba 3.0.1
Samba Samba 3.0.0
Samba Samba 3.0.23b
Samba Samba 3.0.23c
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.6
1 EDB exploit
2 Nmap scripts
16 Github repositories
454
VMScore
CVE-2013-0213
The Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
Samba Samba 3.5.15
Samba Samba 3.5.14
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.16
Samba Samba 3.4.15
Samba Samba 3.4.8
Samba Samba 3.4.7
Samba Samba 3.4.6
Samba Samba 3.3.9
Samba Samba 3.3.10
Samba Samba 3.3.12
Samba Samba 3.3.13
Samba Samba 3.2.0
Samba Samba 3.2.14
Samba Samba 3.2.7
Samba Samba 3.2.2
Samba Samba 3.1.0
Samba Samba 3.0.28
Samba Samba 3.0.16
Samba Samba 3.0.15
Samba Samba 3.0.11
454
VMScore
CVE-2013-0214
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x prior to 3.5.21, 3.6.x prior to 3.6.12, and 4.x prior to 4.0.2 allows remote malicious users to hijack the authentication of arbitrary users by leveraging knowledge of a passw...
Samba Samba 3.6.5
Samba Samba 3.6.6
Samba Samba 3.6.1
Samba Samba 3.6.2
Samba Samba 3.6.9
Samba Samba 3.6.10
Samba Samba 3.6.3
Samba Samba 3.6.4
Samba Samba 3.6.11
Samba Samba 3.6.0
Samba Samba 3.6.7
Samba Samba 3.6.8
Samba Samba 4.0.0
Samba Samba 4.0.1
Samba Samba 3.5.14
Samba Samba 3.5.13
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.4.15
Samba Samba 3.4.14
Samba Samba 3.4.7
Samba Samba 3.4.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »