VYPR

rpm package

opensuse/samba&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed

Vulnerabilities (173)

  • CVE-2008-3789Aug 27, 2008
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.

  • CVE-2008-1105May 29, 2008
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.

  • CVE-2007-6015Dec 13, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset usernam

  • CVE-2007-5398Nov 16, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Q

  • CVE-2007-4572Nov 16, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

  • CVE-2007-4138Sep 14, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attri

  • CVE-2007-4559CriAug 28, 2007
    affected < 4.18.5+git.313.c8e274c7852-1.1fixed 4.18.5+git.313.c8e274c7852-1.1

    Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

  • CVE-2007-2447May 14, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticat

  • CVE-2007-2446May 14, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarA

  • CVE-2007-2444May 14, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

  • CVE-2007-0452Feb 6, 2007
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.

  • CVE-2006-3403Jul 12, 2006
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

  • CVE-2006-1059Mar 30, 2006
    affected < 4.14.6+git.182.2205d5224e3-1.1fixed 4.14.6+git.182.2205d5224e3-1.1

    The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.

Page 9 of 9

VYPR — Vulnerability Intelligence