Filtered by vendor Samba
Subscriptions
Filtered by product Samba
Subscriptions
Total
210 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | ||||
| CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2025-04-03 | N/A |
| Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
| CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2025-04-03 | N/A |
| Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | ||||
| CVE-2004-0930 | 5 Conectiva, Gentoo, Redhat and 2 more | 8 Linux, Linux, Enterprise Linux and 5 more | 2025-04-03 | N/A |
| The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | ||||
| CVE-2002-1318 | 4 Hp, Redhat, Samba and 1 more | 4 Cifs-9000 Server, Linux, Samba and 1 more | 2025-04-03 | N/A |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | ||||
| CVE-2004-0829 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | ||||
| CVE-1999-0182 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | ||||
| CVE-2004-0600 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2025-04-03 | N/A |
| Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | ||||
| CVE-2004-0082 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | ||||
| CVE-2000-0935 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | ||||
| CVE-2004-0186 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2025-04-03 | N/A |
| smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | ||||
| CVE-2000-0938 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | ||||
| CVE-2000-0939 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | ||||
| CVE-2022-45141 | 1 Samba | 1 Samba | 2025-03-06 | 9.8 Critical |
| Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). | ||||
| CVE-2021-20251 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-03-06 | 5.9 Medium |
| A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | ||||
| CVE-2023-0225 | 1 Samba | 1 Samba | 2025-02-18 | 4.3 Medium |
| A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. | ||||
| CVE-2018-14628 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-02-13 | 4.3 Medium |
| An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. | ||||
| CVE-2023-0922 | 1 Samba | 1 Samba | 2025-02-13 | 5.9 Medium |
| The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | ||||
| CVE-2023-0614 | 1 Samba | 1 Samba | 2025-02-13 | 7.7 High |
| The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. | ||||
| CVE-2019-14907 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-01-14 | 6.5 Medium |
| All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless). | ||||