Search Results (249 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0196 6 Compaq, Hp, Redhat and 3 more 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more 2026-04-16 N/A
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
CVE-2004-2687 2 Apple, Samba 2 Xcode, Samba 2026-04-16 N/A
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
CVE-2003-0201 7 Apple, Compaq, Hp and 4 more 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more 2026-04-16 N/A
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVE-2003-1332 3 Linux, Redhat, Samba 3 Linux Kernel, Enterprise Linux, Samba 2026-04-16 N/A
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
CVE-2006-3403 2 Redhat, Samba 2 Enterprise Linux, Samba 2026-04-16 N/A
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
CVE-2004-0815 2 Redhat, Samba 2 Enterprise Linux, Samba 2026-04-16 N/A
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
CVE-2004-0930 5 Conectiva, Gentoo, Redhat and 2 more 8 Linux, Linux, Enterprise Linux and 5 more 2026-04-16 N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-2004-0186 2 Linux, Samba 2 Linux Kernel, Samba 2026-04-16 N/A
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
CVE-2004-0882 4 Conectiva, Redhat, Samba and 1 more 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-04-16 N/A
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2004-2546 2 Samba, Trustix 2 Samba, Secure Linux 2026-04-16 N/A
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
CVE-2003-0085 3 Hp, Redhat, Samba 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
CVE-1999-0811 1 Samba 1 Samba 2026-04-16 N/A
Buffer overflow in Samba smbd program via a malformed message command.
CVE-2004-0829 1 Samba 1 Samba 2026-04-16 N/A
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.
CVE-2002-0080 2 Redhat, Samba 2 Linux, Rsync 2026-04-16 N/A
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
CVE-2000-0936 1 Samba 1 Samba 2026-04-16 N/A
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
CVE-2000-0938 1 Samba 1 Samba 2026-04-16 N/A
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server.
CVE-2004-0028 1 Samba 1 Jitterbug 2026-04-16 N/A
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands.
CVE-2004-1002 2 Canonical, Samba 2 Ubuntu Linux, Ppp 2026-04-16 7.5 High
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
CVE-2020-1472 9 Canonical, Debian, Fedoraproject and 6 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2026-02-23 5.5 Medium
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
CVE-2023-3961 3 Fedoraproject, Redhat, Samba 7 Fedora, Enterprise Linux, Enterprise Linux Eus and 4 more 2025-11-20 9.1 Critical
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.