Filtered by vendor Samba
Subscribe
Total
231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2113 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2025-04-12 | 5.8 MEDIUM | 7.4 HIGH |
| Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3493 | 1 Samba | 1 Samba | 2025-04-12 | 2.7 LOW | N/A |
| The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. | |||||
| CVE-2014-3560 | 3 Canonical, Redhat, Samba | 3 Ubuntu Linux, Enterprise Linux, Samba | 2025-04-12 | 7.9 HIGH | N/A |
| NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h. | |||||
| CVE-2016-2110 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security. | |||||
| CVE-2015-5370 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors. | |||||
| CVE-2016-0771 | 1 Samba | 1 Samba | 2025-04-12 | 4.9 MEDIUM | 5.9 MEDIUM |
| The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. | |||||
| CVE-2010-1635 | 1 Samba | 1 Samba | 2025-04-11 | 5.0 MEDIUM | N/A |
| The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. | |||||
| CVE-2013-4124 | 5 Canonical, Fedoraproject, Opensuse and 2 more | 5 Ubuntu Linux, Fedora, Opensuse and 2 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | |||||
| CVE-2013-0213 | 1 Samba | 1 Samba | 2025-04-11 | 5.1 MEDIUM | N/A |
| The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. | |||||
| CVE-2011-2694 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2025-04-11 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). | |||||
| CVE-2011-1678 | 1 Samba | 1 Samba | 2025-04-11 | 3.3 LOW | N/A |
| smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | |||||
| CVE-2010-0547 | 1 Samba | 1 Samba | 2025-04-11 | 2.1 LOW | N/A |
| client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. | |||||
| CVE-2010-0926 | 1 Samba | 1 Samba | 2025-04-11 | 3.5 LOW | N/A |
| The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. | |||||
| CVE-2013-4408 | 1 Samba | 1 Samba | 2025-04-11 | 8.3 HIGH | N/A |
| Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. | |||||
| CVE-2013-0172 | 1 Samba | 1 Samba | 2025-04-11 | 3.5 LOW | N/A |
| Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute. | |||||
| CVE-2013-0214 | 1 Samba | 1 Samba | 2025-04-11 | 5.1 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. | |||||
| CVE-2011-0719 | 1 Samba | 1 Samba | 2025-04-11 | 5.0 MEDIUM | N/A |
| Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd. | |||||
| CVE-2013-0454 | 3 Canonical, Ibm, Samba | 3 Ubuntu Linux, Storwize, Samba | 2025-04-11 | 4.0 MEDIUM | N/A |
| The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter. | |||||
| CVE-2011-2522 | 1 Samba | 1 Samba | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. | |||||
| CVE-2013-4475 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2025-04-11 | 4.0 MEDIUM | N/A |
| Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS). | |||||