Filtered by vendor Samba
Subscribe
Total
230 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2023-12-10 | 2.1 LOW | N/A |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
CVE-1999-0812 | 1 Samba | 1 Samba | 2023-12-10 | 7.6 HIGH | N/A |
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2023-12-10 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
CVE-2004-0829 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | |||||
CVE-2000-0938 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | |||||
CVE-2004-0807 | 5 Conectiva, Mandrakesoft, Samba and 2 more | 5 Linux, Mandrake Linux, Samba and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | |||||
CVE-2004-0082 | 1 Samba | 1 Samba | 2023-12-10 | 7.5 HIGH | N/A |
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | |||||
CVE-2004-0808 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | |||||
CVE-2003-0086 | 1 Samba | 1 Samba | 2023-12-10 | 1.2 LOW | N/A |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. |