Samba

Samba

217 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.99%
  • Veröffentlicht 02.10.2011 20:55:00
  • Zuletzt bearbeitet 16.06.2026 23:31:16

Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.

  • EPSS 0.43%
  • Veröffentlicht 06.09.2011 16:55:10
  • Zuletzt bearbeitet 16.06.2026 23:31:52

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denia...

Exploit
  • EPSS 10.05%
  • Veröffentlicht 29.07.2011 20:55:02
  • Zuletzt bearbeitet 16.06.2026 23:31:30

Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start...

  • EPSS 6.29%
  • Veröffentlicht 29.07.2011 20:55:02
  • Zuletzt bearbeitet 16.06.2026 23:31:48

Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the usernam...

  • EPSS 0.53%
  • Veröffentlicht 10.04.2011 02:55:02
  • Zuletzt bearbeitet 16.06.2026 23:29:48

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigge...

  • EPSS 4.65%
  • Veröffentlicht 01.03.2011 23:00:02
  • Zuletzt bearbeitet 16.06.2026 23:27:56

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite ...

  • EPSS 10.55%
  • Veröffentlicht 15.09.2010 18:00:44
  • Zuletzt bearbeitet 16.06.2026 23:22:03

Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file ...

Exploit
  • EPSS 3.8%
  • Veröffentlicht 17.06.2010 16:30:01
  • Zuletzt bearbeitet 16.06.2026 23:18:45

The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field ...

Exploit
  • EPSS 3.58%
  • Veröffentlicht 17.06.2010 16:30:01
  • Zuletzt bearbeitet 16.06.2026 23:18:46

The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length...

  • EPSS 78.7%
  • Veröffentlicht 17.06.2010 16:30:01
  • Zuletzt bearbeitet 16.06.2026 23:19:54

Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arb...