CVE-2018-1050
- EPSS 6.69%
- Veröffentlicht 13.03.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:04
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls c...
CVE-2018-1057
- EPSS 10.31%
- Veröffentlicht 13.03.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:05
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privi...
CVE-2017-2619
- EPSS 11.09%
- Veröffentlicht 12.03.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:23:50
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
CVE-2017-14746
- EPSS 9.88%
- Veröffentlicht 27.11.2017 22:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
CVE-2017-15275
- EPSS 21.41%
- Veröffentlicht 27.11.2017 22:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
CVE-2017-11103
- EPSS 5.12%
- Veröffentlicht 13.07.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name ...
CVE-2017-9461
- EPSS 4.19%
- Veröffentlicht 06.06.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
- EPSS 99.45%
- Veröffentlicht 30.05.2017 18:29:00
- Zuletzt bearbeitet 21.04.2026 19:36:42
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
CVE-2016-2126
- EPSS 6.59%
- Veröffentlicht 11.05.2017 14:29:58
- Zuletzt bearbeitet 13.05.2026 00:24:29
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerbero...
CVE-2016-2119
- EPSS 3.1%
- Veröffentlicht 07.07.2016 15:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSI...