Filtered by vendor Samba
Subscribe
Total
230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0600 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | |||||
| CVE-2004-0807 | 5 Conectiva, Mandrakesoft, Samba and 2 more | 5 Linux, Mandrake Linux, Samba and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | |||||
| CVE-2000-0938 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | |||||
| CVE-2004-0686 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | |||||
| CVE-1999-0182 | 1 Samba | 1 Samba | 2024-02-28 | 10.0 HIGH | N/A |
| Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | |||||
| CVE-2004-0082 | 1 Samba | 1 Samba | 2024-02-28 | 7.5 HIGH | N/A |
| The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | |||||
| CVE-2003-0086 | 1 Samba | 1 Samba | 2024-02-28 | 1.2 LOW | N/A |
| The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | |||||
| CVE-2004-0808 | 1 Samba | 1 Samba | 2024-02-28 | 5.0 MEDIUM | N/A |
| The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | |||||
| CVE-2003-0201 | 6 Apple, Compaq, Hp and 3 more | 8 Mac Os X, Tru64, Cifs-9000 Server and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2024-02-28 | 2.1 LOW | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||