Filtered by vendor Samba
Subscriptions
Total
236 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0686 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2025-04-03 | N/A |
| Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | ||||
| CVE-2004-0807 | 6 Conectiva, Mandrakesoft, Redhat and 3 more | 6 Linux, Mandrake Linux, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | ||||
| CVE-2004-0808 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | ||||
| CVE-2004-0815 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | ||||
| CVE-2003-0196 | 6 Compaq, Hp, Redhat and 3 more | 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more | 2025-04-03 | N/A |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | ||||
| CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | ||||
| CVE-1999-0182 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | ||||
| CVE-2004-0882 | 4 Conectiva, Redhat, Samba and 1 more | 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | N/A |
| Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | ||||
| CVE-2006-1059 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. | ||||
| CVE-2000-0937 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | ||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2025-04-03 | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | ||||
| CVE-1999-0812 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | ||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2025-04-03 | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | ||||
| CVE-1999-0810 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Denial of service in Samba NETBIOS name service daemon (nmbd). | ||||
| CVE-1999-0811 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Buffer overflow in Samba smbd program via a malformed message command. | ||||
| CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2025-04-03 | N/A |
| Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | ||||
| CVE-2000-0935 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | ||||
| CVE-2000-0938 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | ||||
| CVE-2000-0939 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | ||||
| CVE-2000-0936 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | ||||