Filtered by vendor Samba
Subscriptions
Total
236 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0938 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | ||||
| CVE-2001-0406 | 2 Redhat, Samba | 2 Linux, Samba | 2025-04-03 | N/A |
| Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | ||||
| CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2025-04-03 | N/A |
| Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
| CVE-2004-1154 | 4 Redhat, Samba, Suse and 1 more | 5 Enterprise Linux, Fedora Core, Samba and 2 more | 2025-04-03 | N/A |
| Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | ||||
| CVE-2003-0086 | 2 Redhat, Samba | 3 Enterprise Linux, Linux, Samba | 2025-04-03 | N/A |
| The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | ||||
| CVE-2003-0196 | 6 Compaq, Hp, Redhat and 3 more | 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more | 2025-04-03 | N/A |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | ||||
| CVE-2000-0936 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | ||||
| CVE-2001-1162 | 3 Hp, Redhat, Samba | 3 Cifs-9000 Server, Linux, Samba | 2025-04-03 | N/A |
| Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | ||||
| CVE-2003-0201 | 7 Apple, Compaq, Hp and 4 more | 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more | 2025-04-03 | N/A |
| Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | ||||
| CVE-2002-2196 | 1 Samba | 1 Samba | 2025-04-03 | N/A |
| Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2022-45141 | 1 Samba | 1 Samba | 2025-03-06 | 9.8 Critical |
| Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). | ||||
| CVE-2021-20251 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-03-06 | 5.9 Medium |
| A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | ||||
| CVE-2023-0225 | 1 Samba | 1 Samba | 2025-02-18 | 4.3 Medium |
| A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. | ||||
| CVE-2018-14628 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2025-02-13 | 4.3 Medium |
| An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. | ||||
| CVE-2023-0922 | 1 Samba | 1 Samba | 2025-02-13 | 5.9 Medium |
| The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | ||||
| CVE-2023-0614 | 1 Samba | 1 Samba | 2025-02-13 | 7.7 High |
| The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. | ||||
| CVE-2019-19344 | 4 Canonical, Opensuse, Samba and 1 more | 7 Ubuntu Linux, Leap, Samba and 4 more | 2025-01-14 | 6.5 Medium |
| There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer. | ||||
| CVE-2019-14907 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-01-14 | 6.5 Medium |
| All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless). | ||||
| CVE-2019-3870 | 3 Fedoraproject, Samba, Synology | 9 Fedora, Samba, Directory Server and 6 more | 2025-01-14 | 6.1 Medium |
| A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. | ||||
| CVE-2022-38023 | 5 Fedoraproject, Microsoft, Netapp and 2 more | 15 Fedora, Windows Server 2008, Windows Server 2012 and 12 more | 2025-01-02 | 8.1 High |
| Netlogon RPC Elevation of Privilege Vulnerability | ||||