from 0, < 2:3.6.6-6+deb7u13
from 0, < 2:4.5.8+dfsg-2
CRITICAL9.8⚠ KEVsamba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u6
MEDIUM5.5⚠ KEVMicrosoft Netlogon Privilege Escalation Vulnerability
from 0, < 2:4.13.2+dfsg-2
CRITICAL10.0A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without prope…
from 0
CRITICAL9.8samba - security update
from 0, < 2:4.17.12+dfsg-0+deb12u1
CRITICAL9.8samba - security update
from 0, < 2:4.17.12+dfsg-0+deb12u1
CRITICAL9.8Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is ass…
from 0
CRITICAL9.8Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distri…
from 0
CRITICAL9.8samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u9
CRITICAL9.8samba - security update
from 0, < 2:4.7.1+dfsg-2
CRITICAL9.1samba - security update
from 0, < 2:4.9.13+dfsg-1
CRITICAL9.1samba - security update
from 0, < 2:4.9.5+dfsg-5+deb10u1
CRITICAL9.0A flaw was found in Samba.
from 0
HIGH8.8krb5 - security update
from 0
HIGH8.8The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those alrea…
from 0, < 2:4.13.13+dfsg-1~deb11u3
HIGH8.8A flaw was found in Samba.
from 0, < 2:4.13.13+dfsg-1~deb11u5
HIGH8.8samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u5
HIGH8.8samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u5
HIGH8.8Kerberos acceptors need easy access to stable AD identifiers (eg objectSid).
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH8.8In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'associatio…
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH8.8samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u3
HIGH8.8samba - security update
from 0, < 2:4.9.5+dfsg-5+deb10u3
HIGH8.8Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data.
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH8.8A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller).
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH8.8A flaw was found in samba versions 4.0.0 to 4.5.2.
from 0, < 2:4.5.2+dfsg-2
HIGH8.8samba - security update
from 0, < 2:4.5.12+dfsg-2+deb9u3
HIGH8.8samba - security update
from 0, < 2:4.8.4+dfsg-1
HIGH8.8samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u10
HIGH8.8On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over L…
from 0, < 2:4.7.4+dfsg-2
HIGH8.5A flaw was found in the Samba printing subsystem.
from 0
HIGH8.1Netlogon RPC Elevation of Privilege Vulnerability
from 0
HIGH8.1Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
from 0
HIGH8.1A flaw was found in Samba.
from 0, < 2:4.13.13+dfsg-1~deb11u5
HIGH8.1samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH8.1samba - security update
from 0, < 2:4.9.5+dfsg-5+deb10u2
HIGH8.1A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disa…
from 0, < 2:4.8.4+dfsg-1
HIGH8.1heimdal - security update
from 0, < 2:4.2.14+dfsg-0+deb8u7
HIGH8.1heimdal - security update
from 0, < 2:4.6.5+dfsg-4
HIGH8.0A flaw was found in Samba’s certificate auto-enrollment Group Policy handling.
from 0
HIGH7.5A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller.
from 0
HIGH7.5A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all a…
from 0
HIGH7.5An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight.
from 0, < 2:4.13.13+dfsg-1~deb11u6
HIGH7.5Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
from 0
HIGH7.5A flaw was found in the way samba implemented DCE/RPC.
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH7.5ldb - security update
from 0
HIGH7.5A flaw was found in Samba's libldb.
from 0
HIGH7.5A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP.
from 0, < 2:4.12.5+dfsg-1
HIGH7.5A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4.
from 0, < 2:4.12.5+dfsg-1
HIGH7.5samba - security update
from 0, < 2:4.5.16+dfsg-1+deb9u3
HIGH7.5samba - security update
from 0, < 2:4.12.3+dfsg-2
HIGH7.5heimdal - security update
from 0, < 2:4.5.16+dfsg-1+deb9u2
HIGH7.5heimdal - security update
from 0, < 2:4.2.14+dfsg-0+deb8u13
HIGH7.5heimdal - security update
from 0, < 2:4.9.5+dfsg-4
HIGH7.5samba - security update
from 0, < 2:3.6.6-6+deb7u12
HIGH7.5samba - security update
from 0, < 2:4.5.6+dfsg-2
HIGH7.5samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u4
HIGH7.5samba - security update
from 0, < 2:3.6.6-6+deb7u15
HIGH7.5samba - security update
from 0, < 2:4.7.1+dfsg-2
HIGH7.5samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u2
HIGH7.5samba - security update
from 0, < 2:4.4.5+dfsg-1
HIGH7.5The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle D…
from 0, < 2:4.3.7+dfsg-1
HIGH7.5The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4…
from 0, < 2:4.1.22+dfsg-1
HIGH7.5The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory alloc…
from 0, < 2:4.1.22+dfsg-1
HIGH7.5ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string…
from 0, < 2:4.1.22+dfsg-1
HIGH7.4A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB…
from 0, < 2:4.6.7+dfsg-2
HIGH7.4samba - security update
from 0, < 2:4.6.7+dfsg-2
HIGH7.4samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u8
HIGH7.4samba - security update
from 0, < 2:3.6.6-6+deb7u14
HIGH7.4Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-i…
from 0, < 2:4.3.7+dfsg-1
HIGH7.2Windows Kerberos Elevation of Privilege Vulnerability
from 0
HIGH7.2A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication.
from 0, < 2:4.13.13+dfsg-1~deb11u2
HIGH7.2samba - security update
from 0, < 2:3.5.6~dfsg-3squeeze13
HIGH7.2samba - security update
from 0, < 2:4.1.22+dfsg-1
HIGH7.1A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes.
from 0, < 2:4.22.8+dfsg-0+deb13u2
HIGH7.1An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4…
from 0, < 2:4.6.7+dfsg-2
MEDIUM6.8A flaw was found in the way Samba handled file/directory metadata.
from 0
MEDIUM6.8A flaw was found in samba.
from 0, < 2:4.13.5+dfsg-2
MEDIUM6.5A flaw was found in Samba’s vfs_worm module.
from 0
MEDIUM6.5A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged us…
from 0
MEDIUM6.5A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements.
from 0
MEDIUM6.5A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samb…
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM6.5A flaw was found in Samba.
from 0, < 2:4.17.12+dfsg-0+deb12u1
MEDIUM6.5A heap-based Buffer Overflow flaw was discovered in Samba.
from 0, < 2:4.19.2+dfsg-1
MEDIUM6.5The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an atta…
from 0
MEDIUM6.5A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal.
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM6.5MaxQueryDuration not honoured in Samba AD DC LDAP
from 0
MEDIUM6.5heimdal - security update
from 0, < 2:4.13.13+dfsg-1~deb11u1
MEDIUM6.5A flaw was found in samba's DNS server.
from 0, < 2:4.13.2+dfsg-2
MEDIUM6.5ldb - security update
from 0, < 2:4.12.5+dfsg-1
MEDIUM6.5A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configurati…
from 0, < 2:4.12.5+dfsg-1
MEDIUM6.5There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x ve…
from 0, < 2:4.11.5+dfsg-1
MEDIUM6.5All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3…
from 0, < 2:4.11.5+dfsg-1
MEDIUM6.5samba - security update
from 0, < 2:4.11.1+dfsg-2
MEDIUM6.5samba - security update
from 0, < 2:4.5.16+dfsg-1+deb9u4
MEDIUM6.5Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service.
from 0, < 2:4.9.5+dfsg-5
MEDIUM6.5ldb - security update
from 0, < 2:4.9.5+dfsg-1
MEDIUM6.5Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
from 0, < 2:4.9.2+dfsg-2
MEDIUM6.5Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service.
from 0, < 2:4.9.2+dfsg-2
MEDIUM6.5samba - security update
from 0, < 2:4.9.2+dfsg-2
MEDIUM6.5samba - security update
from 0, < 2:4.5.12+dfsg-2+deb9u4
MEDIUM6.5samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u11
MEDIUM6.5samba - security update
from 0, < 2:4.5.2+dfsg-2
MEDIUM6.5samba - security update
from 0, < 2:3.6.6-6+deb7u11
MEDIUM6.5The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
from 0, < 2:4.8.4+dfsg-1
MEDIUM6.5A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer.
from 0, < 2:4.8.4+dfsg-1
MEDIUM6.5A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server.
from 0, < 2:4.8.4+dfsg-1
MEDIUM6.5samba - security update
from 0, < 2:4.2.14+dfsg-0+deb8u12
MEDIUM6.5samba - security update
from 0, < 2:4.5.6+dfsg-1
MEDIUM6.5Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate)…
from 0, < 2:4.5.2+dfsg-2
MEDIUM6.5samba - security update
from 0, < 2:4.3.6+dfsg-1
MEDIUM6.5samba - security update
from 0, < 2:3.6.6-6+deb7u7
MEDIUM6.3The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured…
from 0, < 2:4.3.7+dfsg-1
MEDIUM6.1A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2.
from 0, < 2:4.9.5+dfsg-3
MEDIUM5.9A vulnerability was found in Samba's SMB2 packet signing mechanism.
from 0, < 2:4.17.10+dfsg-0+deb12u1
MEDIUM5.9samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM5.9samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM5.9samba - security update
from 0, < 2:4.17.10+dfsg-0+deb12u1
MEDIUM5.9The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed…
from 0
MEDIUM5.9A flaw was found in samba.
from 0
MEDIUM5.9samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u2
MEDIUM5.9samba - security update
from 0, < 2:4.9.5+dfsg-5+deb10u4
MEDIUM5.9samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u2
MEDIUM5.9Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of p…
from 0, < 2:4.9.2+dfsg-2
MEDIUM5.9Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-defaul…
from 0, < 2:4.9.2+dfsg-2
MEDIUM5.9Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn…
from 0, < 2:4.3.7+dfsg-1
MEDIUM5.9The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server sign…
from 0, < 2:4.3.7+dfsg-1
MEDIUM5.9The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "clie…
from 0, < 2:4.3.7+dfsg-1
MEDIUM5.9The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-…
from 0, < 2:4.3.7+dfsg-1
MEDIUM5.9samba - security update
from 0, < 2:4.3.7+dfsg-1
MEDIUM5.9samba - security update
from 0, < 2:3.6.6-6+deb7u9
MEDIUM5.9The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is con…
from 0, < 2:4.3.6+dfsg-1
MEDIUM5.5In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
from 0
MEDIUM5.5A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1.
from 0, < 2:4.13.2+dfsg-2
MEDIUM5.4A flaw was found in the Samba AD LDAP server.
from 0, < 2:4.13.13+dfsg-1~deb11u5
MEDIUM5.4There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before…
from 0, < 2:4.11.5+dfsg-1
MEDIUM5.4heimdal - security update
from 0, < 2:4.11.3+dfsg-1
MEDIUM5.4A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user…
from 0, < 2:4.11.1+dfsg-2
MEDIUM5.4samba - security update
from 0, < 2:4.9.5+dfsg-3
MEDIUM5.4samba - security update
from 0, < 2:4.5.16+dfsg-1+deb9u1
MEDIUM5.4Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which all…
from 0, < 2:4.1.22+dfsg-1
MEDIUM5.3A path disclosure vulnerability was found in Samba.
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM5.3A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight.
from 0, < 2:4.13.13+dfsg-1~deb11u6
MEDIUM5.3A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control.
from 0, < 2:4.12.3+dfsg-2
MEDIUM5.3All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RP…
from 0, < 2:4.11.3+dfsg-1
MEDIUM5.3The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.…
from 0, < 2:4.1.22+dfsg-1
MEDIUM5.3samba - security update
from 0, < 2:4.1.22+dfsg-1
MEDIUM5.3samba - security update
from 0, < 2:3.6.6-6+deb7u6
MEDIUM4.9A flaw was found in Samba.
from 0, < 2:4.22.2+dfsg-1
MEDIUM4.9A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10.
from 0, < 2:4.11.0+dfsg-6
MEDIUM4.7Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mo…
from 0, < 2:3.4.7~dfsg-2
MEDIUM4.4Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference.
from 0, < 2:4.9.2+dfsg-2
MEDIUM4.3samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u7
MEDIUM4.3samba - security update
from 0, < 2:4.13.13+dfsg-1~deb11u7
MEDIUM4.3A flaw was found in Samba.
from 0
MEDIUM4.3An information leak vulnerability was discovered in Samba's LDAP server.
from 0
MEDIUM4.3A flaw was found in Samba.
from 0, < 2:4.13.13+dfsg-1~deb11u5
MEDIUM4.3All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exist…
from 0
MEDIUM4.3samba - security update
from 0, < 2:4.9.5+dfsg-5+deb10u5
MEDIUM4.3samba - security update
from 0, < 2:4.13.2+dfsg-2
MEDIUM4.3samba - security update
from 0, < 2:4.5.12+dfsg-2+deb9u2
MEDIUM4.3samba - security update
from 0, < 2:4.7.4+dfsg-2
MEDIUM4.3samba - security update
from 0, < 2:3.6.6-6+deb7u16
LOW2.5All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in…
from 0, < 2:4.13.13+dfsg-1~deb11u4
—samba - security update
from 0, < 2:3.6.6-6+deb7u5
—samba - security update
from 0, < 2:3.5.6~dfsg-3squeeze12
—samba - security update
from 0, < 2:4.1.17+dfsg-1
—Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured,…
from 0, < 2:4.1.17+dfsg-1
—NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code…
from 0, < 2:4.1.11+dfsg-1
—The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users…
from 0, < 2:4.1.9+dfsg-1
—The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to caus…
from 0, < 2:4.1.9+dfsg-1
—The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before send…
from 0, < 2:4.1.8+dfsg-1
—samba - security update
from 0, < 2:4.1.8+dfsg-1
—samba - security update
from 0, < 2:3.6.6-6+deb7u4
—The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown…
from 0, < 2:4.1.6+dfsg-1
—Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all in…
from 0, < 2:4.1.6+dfsg-1
—samba - several
from 0, < 2:3.5.6~dfsg-3squeeze11
—samba - several
from 0, < 2:4.0.13+dfsg-1
—The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of gr…
from 0, < 2:4.0.13+dfsg-1
—Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key…
from 0, < 2:4.0.11+dfsg-1
—Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enable…
from 0, < 2:4.0.11+dfsg-1
—Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before…
from 0, < 2:3.6.17-1
—The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 an…
from 0, < 2:3.6.6-1
—Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12…
from 0, < 2:3.6.6-5
—samba - several issues
from 0, < 2:3.5.6~dfsg-3squeeze9
—samba - several issues
from 0, < 2:3.6.6-5
—samba - missing permission checks
from 0, < 2:3.5.6~dfsg-3squeeze8
—samba - missing permission checks
from 0, < 2:3.6.5-1
—samba - privilege escalation
from 0, < 2:3.6.4-1
—samba - privilege escalation
from 0, < 2:3.5.6~dfsg-3squeeze7
—Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before…
from 0, < 2:3.4.0~pre1-1
—Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making…
from 0, < 2:3.6.3-1
—The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) dev…
from 0, < 2:3.4.7~dfsg-2
—Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x…
from 0, < 2:3.5.10~dfsg-1
—samba - cross-side scripting
from 0, < 2:3.5.10~dfsg-1
—samba - cross-side scripting
from 0, < 2:3.2.5-4lenny15
—smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/m…
from 0, < 2:3.4.7~dfsg-2
—samba - missing input sanisiting
from 0, < 2:3.2.5-4lenny14
—samba - missing input sanisiting
from 0, < 2:3.5.7~dfsg-1
—samba - buffer overflow
from 0, < 2:3.2.5-4lenny13
—samba - buffer overflow
from 0, < 2:3.5.5~dfsg-1
—samba - arbitrary code execution
from 0, < 2:3.2.5-4lenny12
—samba - arbitrary code execution
from 0, < 2:3.4.0~pre1-1
—The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to tr…
from 0, < 2:3.5.4~dfsg-2
—The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of ser…
from 0, < 2:3.6.1-2
—The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allo…
from 0, < 2:3.4.6~dfsg-1
—smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote auth…
from 0, < 2:3.4.7~dfsg-1
—client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS shar…
from 0, < 2:3.4.5~dfsg-2
—samba - several vulnerabilities
from 0, < 2:3.4.5~dfsg-2
—samba - several vulnerabilities
from 0, < 2:3.2.5-4lenny9
—mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, do…
from 0, < 2:3.4.2-1
—smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a den…
from 0, < 2:3.4.2-1
—samba - several vulnerabilities
from 0, < 2:3.2.5-4lenny7
—samba - several vulnerabilities
from 0, < 2:3.4.2-1
—The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before…
from 0, < 2:3.3.6-1
—samba - several vulnerabilities
from 0, < 2:3.3.6-1
—samba - several vulnerabilities
from 0, < 2:3.2.5-4lenny6
—Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted…
from 0, < 2:3.2.5-3
—smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) tran…
from 0, < 2:3.2.5-1
—samba - privilege escalation
from 0, < 2:3.2.1-1+lenny1
—samba - privilege escalation
from 0, < 2:3.2.3-1
—samba - arbitrary code execution
from 0, < 3.0.24-6etch10
—samba - arbitrary code execution
from 0, < 1:3.0.30-1
—samba - buffer overflow
from 0, < 3.0.28-1~lenny1
—samba - buffer overflow
from 0, < 3.0.28-1
—samba - buffer overflow
from 0, < 3.0.24-6etch9
—samba - several vulnerabilities (update)
from 0, < 3.0.24-6etch7
—samba - several vulnerabilities (update)
from 0, < 3.0.24-6etch8
—samba - several vulnerabilities (update)
from 0, < 3.0.24-6etch5
—samba - several vulnerabilities (update)
from 0, < 3.0.27-1
—Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operat…
from 0, < 3.0.27-1
—The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is…
from 0, < 3.0.26-1
—samba - several vulnerabilities
from 0, < 3.0.24-6etch2
—Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrar…
from 0, < 3.0.25-1
—The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metachara…
from 0, < 3.0.25-1
—samba - several vulnerabilities
from 0, < 3.0.25-1
—samba - several vulnerabilities
from 0, < 3.0.24-6+lenny3
—Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitr…
from 0, < 3.0.23d-5
—samba
from 0, < 3.0.14a-3sarge4
—samba
from 0, < 3.0.14a-3sarge4
—samba
from 0, < 3.0.23d-5
—samba - missing input sanitising
from 0, < 3.0.14a-3sarge2
—samba - missing input sanitising
from 0, < 3.0.23a-1
—The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local user…
from 0, < 3.0.22-1
—Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via…
from 0, < 3.0.7
—The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service…
from 0, < 3.0.8-1
—samba - integer overflows
from 0, < 3.0.10-1
—samba - integer overflows
from 0, < 2.2.3a-15
—smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify requ…
from 0, < 2.2.11
—The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers t…
from 0, < 3.0.7
—Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
from 0, < 3.0.6-1
—samba - arbitrary file access
from 0, < 3.0.6-1
—samba - arbitrary file access
from 0, < 2.2.3a-14.1
—Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed re…
from 0, < 3.0.7
—Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via a…
from 0, < 3.0.5
—Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown i…
from 0, < 3.0.5
—samba - privilege escalation
from 0, < 2.2.3a-13
—samba - privilege escalation
from 0, < 3.0.2-2
—The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite…
from 0, < 3.0.7
—Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG…
from 0, < 3.0
—samba - buffer overflow
from 0, < 2.2.3a-12.3
—samba - buffer overflow
from 0, < 3.0
—samba - remote exploit
from 0, < 2.2.8
—The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
from 0, < 2.2.8
—samba - remote exploit
from 0, < 2.2.3a-12.1
—Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary co…
from 0, < 2.2.5
—samba - remote exploit
from 0, < 2.2.7
—samba - remote exploit
from 0, < 2.2.3a-12