Filtered by vendor Samba
Subscriptions
Total
234 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-0936 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | ||||
CVE-2002-1318 | 4 Hp, Redhat, Samba and 1 more | 4 Cifs-9000 Server, Linux, Samba and 1 more | 2025-04-03 | N/A |
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | ||||
CVE-2001-0406 | 2 Redhat, Samba | 2 Linux, Samba | 2025-04-03 | N/A |
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | ||||
CVE-2000-0937 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | ||||
CVE-2004-0686 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2025-04-03 | N/A |
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | ||||
CVE-2004-0829 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | ||||
CVE-2004-1002 | 2 Canonical, Samba | 2 Ubuntu Linux, Ppp | 2025-04-03 | 7.5 High |
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. | ||||
CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2025-04-03 | N/A |
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | ||||
CVE-2006-1059 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. | ||||
CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | ||||
CVE-1999-0812 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | ||||
CVE-2004-0600 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2025-04-03 | N/A |
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | ||||
CVE-2000-0939 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | ||||
CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2025-04-03 | N/A |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | ||||
CVE-2002-2196 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
CVE-2003-0085 | 3 Hp, Redhat, Samba | 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0086 | 2 Redhat, Samba | 3 Enterprise Linux, Linux, Samba | 2025-04-03 | N/A |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | ||||
CVE-2004-0028 | 1 Samba | 1 Jitterbug | 2025-04-03 | N/A |
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | ||||
CVE-1999-0182 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | ||||
CVE-1999-0810 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Denial of service in Samba NETBIOS name service daemon (nmbd). |