Filtered by vendor Samba
Subscribe
Total
230 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1002 | 2 Canonical, Samba | 2 Ubuntu Linux, Ppp | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. | |||||
CVE-2000-0937 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | |||||
CVE-2002-1318 | 3 Hp, Samba, Sgi | 3 Cifs-9000 Server, Samba, Irix | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | |||||
CVE-2000-0936 | 1 Samba | 1 Samba | 2024-02-28 | 2.1 LOW | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | |||||
CVE-2004-0829 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | |||||
CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | |||||
CVE-2003-1332 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | |||||
CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
CVE-2003-0085 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | |||||
CVE-2000-0935 | 1 Samba | 1 Samba | 2024-02-28 | 7.2 HIGH | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | |||||
CVE-2000-0939 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | |||||
CVE-2004-0186 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2024-02-28 | 7.2 HIGH | N/A |
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | |||||
CVE-2004-0028 | 1 Samba | 1 Jitterbug | 2024-02-28 | 7.5 HIGH | N/A |
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | |||||
CVE-2001-0406 | 1 Samba | 1 Samba | 2024-02-28 | 2.1 LOW | N/A |
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | |||||
CVE-2002-2196 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2004-0815 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2024-02-28 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
CVE-1999-0811 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Samba smbd program via a malformed message command. | |||||
CVE-1999-0812 | 1 Samba | 1 Samba | 2024-02-28 | 7.6 HIGH | N/A |
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | |||||
CVE-1999-0810 | 1 Samba | 1 Samba | 2024-02-28 | 10.0 HIGH | N/A |
Denial of service in Samba NETBIOS name service daemon (nmbd). |