Samba

Samba

211 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2004-0930

Exploit
  • EPSS 6.06%
  • Published 27.01.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

10

CVE-2004-1154

  • EPSS 27.77%
  • Published 10.01.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of securit...

5

CVE-2004-0808

  • EPSS 7.87%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of ...

5

CVE-2004-0829

  • EPSS 3.96%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.

6.4

CVE-2004-2546

  • EPSS 0.69%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).

9.3

CVE-2004-2687

Exploit
  • EPSS 89.51%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.

7.5

CVE-2004-0815

Exploit
  • EPSS 8.22%
  • Published 03.11.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrar...

5

CVE-2004-0807

  • EPSS 9.85%
  • Published 13.09.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

10

CVE-2004-0600

  • EPSS 59.61%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

5

CVE-2004-0686

  • EPSS 8.49%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.