Filtered by vendor Samba
Subscribe
Total
230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4314 | 1 Samba | 1 Samba | 2024-02-28 | 8.5 HIGH | N/A |
| smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed. | |||||
| CVE-2008-1105 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-02-28 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | |||||
| CVE-2007-4138 | 1 Samba | 1 Samba | 2024-02-28 | 6.9 MEDIUM | N/A |
| The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined. | |||||
| CVE-2007-2407 | 2 Apple, Samba | 3 Mac Os X, Mac Os X Server, Samba Server | 2024-02-28 | 4.0 MEDIUM | N/A |
| The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. | |||||
| CVE-2007-2447 | 1 Samba | 1 Samba | 2024-02-28 | 6.0 MEDIUM | N/A |
| The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management. | |||||
| CVE-2007-0454 | 3 Debian, Mandrakesoft, Samba | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. | |||||
| CVE-2007-6015 | 1 Samba | 1 Samba | 2024-02-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. | |||||
| CVE-2007-2444 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-02-28 | 7.2 HIGH | N/A |
| Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. | |||||
| CVE-2007-4572 | 1 Samba | 1 Samba | 2024-02-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. | |||||
| CVE-2007-0452 | 1 Samba | 1 Samba | 2024-02-28 | 6.8 MEDIUM | N/A |
| smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. | |||||
| CVE-2007-5398 | 1 Samba | 1 Samba | 2024-02-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. | |||||
| CVE-2007-2446 | 1 Samba | 1 Samba | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names). | |||||
| CVE-2007-0453 | 1 Samba | 1 Samba | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions. | |||||
| CVE-2006-1059 | 1 Samba | 1 Samba | 2024-02-28 | 1.2 LOW | N/A |
| The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. | |||||
| CVE-2004-0882 | 4 Conectiva, Redhat, Samba and 1 more | 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | |||||
| CVE-2006-3403 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
| The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | |||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2024-02-28 | 9.3 HIGH | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | |||||
| CVE-2004-2546 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2024-02-28 | 6.4 MEDIUM | N/A |
| Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | |||||
| CVE-2004-1154 | 4 Redhat, Samba, Suse and 1 more | 4 Fedora Core, Samba, Suse Linux and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
| Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | |||||
| CVE-2004-0930 | 5 Conectiva, Gentoo, Redhat and 2 more | 8 Linux, Linux, Enterprise Linux and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | |||||