Filtered by vendor Samba
Subscribe
Total
230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2724 | 1 Samba | 1 Samba | 2023-12-10 | 1.2 LOW | N/A |
| The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547. | |||||
| CVE-2011-1097 | 1 Samba | 1 Rsync | 2023-12-10 | 5.1 MEDIUM | N/A |
| rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data. | |||||
| CVE-2010-1635 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
| The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. | |||||
| CVE-2011-0719 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
| Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd. | |||||
| CVE-2011-2411 | 2 Hp, Samba | 3 Nonstop Server, Nonstop Server Software, Samba | 2023-12-10 | 9.0 HIGH | N/A |
| Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-2522 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. | |||||
| CVE-2010-3069 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. | |||||
| CVE-2010-2063 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. | |||||
| CVE-2012-0817 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
| Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests. | |||||
| CVE-2010-1642 | 1 Samba | 1 Samba | 2023-12-10 | 5.0 MEDIUM | N/A |
| The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request. | |||||
| CVE-2010-0787 | 1 Samba | 1 Samba | 2023-12-10 | 4.4 MEDIUM | N/A |
| client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. | |||||
| CVE-2010-0547 | 1 Samba | 1 Samba | 2023-12-10 | 2.1 LOW | N/A |
| client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. | |||||
| CVE-2011-2694 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2023-12-10 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). | |||||
| CVE-2009-2813 | 3 Apple, Fedoraproject, Samba | 4 Mac Os X, Mac Os X Server, Fedora and 1 more | 2023-12-10 | 6.0 MEDIUM | N/A |
| Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | |||||
| CVE-2009-0022 | 1 Samba | 1 Samba | 2023-12-10 | 6.3 MEDIUM | N/A |
| Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name. | |||||
| CVE-2008-4314 | 1 Samba | 1 Samba | 2023-12-10 | 8.5 HIGH | N/A |
| smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed. | |||||
| CVE-2009-2948 | 1 Samba | 1 Samba | 2023-12-10 | 1.9 LOW | N/A |
| mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. | |||||
| CVE-2009-1886 | 1 Samba | 1 Samba | 2023-12-10 | 9.3 HIGH | N/A |
| Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename. | |||||
| CVE-2009-2906 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2023-12-10 | 4.0 MEDIUM | N/A |
| smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. | |||||
| CVE-2008-3789 | 1 Samba | 1 Samba | 2023-12-10 | 2.1 LOW | N/A |
| Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups. | |||||