VYPR

Samba

by Samba (software)

CVEs (206)

  • CVE-2009-1886, Jun 25, 2009
    risk 0.04 | cvss | epss 0.12

    Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.

  • CVE-2001-1162, Jun 23, 2001
    risk 0.04 | cvss | epss 0.12

    Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

  • CVE-2000-0937, Dec 19, 2000
    risk 0.04 | cvss | epss 0.08

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.

  • CVE-1999-0182, Sep 30, 1997
    risk 0.04 | cvss | epss 0.10

    Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.

  • CVE-2021-44142, Feb 21, 2022
    risk 0.03 | cvss | epss 0.74

    The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow…

  • CVE-2004-0186, Mar 15, 2004
    risk 0.03 | cvss | epss 0.02

    smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

  • CVE-2001-0406, Jul 2, 2001
    risk 0.03 | cvss | epss 0.01

    Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.

  • CVE-2000-0936, Dec 19, 2000
    risk 0.03 | cvss | epss 0.01

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.

  • CVE-2000-0935, Dec 19, 2000
    risk 0.03 | cvss | epss 0.01

    Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.

  • CVE-1999-0811, Jul 21, 1999
    risk 0.03 | cvss | epss 0.03

    Buffer overflow in Samba smbd program via a malformed message command.

  • CVE-2023-34967, Jul 20, 2023
    risk 0.02 | cvss | epss 0.63

    A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in…

  • CVE-2020-10745, Jul 7, 2020
    risk 0.02 | cvss | epss 0.04

    A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBIOS over TCP/IP. This flaw allows a remote attacker to cause the Samba server to consume excessive CPU, resulting in a denial of service. This highest…

  • CVE-2020-14303, Jul 6, 2020
    risk 0.02 | cvss | epss 0.04

    A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.

  • CVE-2014-0244, Jun 23, 2014
    risk 0.02 | cvss | epss 0.20

    The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.

  • CVE-2003-0196, May 5, 2003
    risk 0.02 | cvss | epss 0.23

    Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

  • CVE-2023-5568, Oct 24, 2023
    risk 0.01 | cvss | epss 0.02

    A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.

  • CVE-2023-34966, Jul 20, 2023
    risk 0.01 | cvss | epss 0.62

    An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements…

  • CVE-2020-27840, May 12, 2021
    risk 0.01 | cvss | epss 0.04

    A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to…

  • CVE-2020-10704, May 6, 2020
    risk 0.01 | cvss | epss 0.03

    A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from…

  • CVE-2019-14907, Jan 21, 2020
    risk 0.01 | cvss | epss 0.03

    All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during…
