Filtered by vendor Samba
Subscriptions
Total
230 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-7494 | 3 Debian, Redhat, Samba | 9 Debian Linux, Enterprise Linux, Rhel Aus and 6 more | 2025-04-03 | 9.8 Critical |
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. | ||||
CVE-1999-0811 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Buffer overflow in Samba smbd program via a malformed message command. | ||||
CVE-2004-0028 | 1 Samba | 1 Jitterbug | 2025-04-03 | N/A |
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | ||||
CVE-2004-2546 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2025-04-03 | N/A |
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | ||||
CVE-2000-0935 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | ||||
CVE-2000-0936 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | ||||
CVE-2000-0937 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | ||||
CVE-1999-0812 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | ||||
CVE-1999-0810 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Denial of service in Samba NETBIOS name service daemon (nmbd). | ||||
CVE-2004-0829 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | ||||
CVE-2002-2196 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
CVE-2003-0085 | 3 Hp, Redhat, Samba | 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0086 | 2 Redhat, Samba | 3 Enterprise Linux, Linux, Samba | 2025-04-03 | N/A |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | ||||
CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2025-04-03 | N/A |
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
CVE-1999-0182 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | ||||
CVE-2004-0082 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | ||||
CVE-2004-0600 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2025-04-03 | N/A |
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | ||||
CVE-2004-0807 | 6 Conectiva, Mandrakesoft, Redhat and 3 more | 6 Linux, Mandrake Linux, Enterprise Linux and 3 more | 2025-04-03 | N/A |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | ||||
CVE-2004-0808 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | ||||
CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. |