Samba

Samba

212 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2004-0686

  • EPSS 8.49%
  • Veröffentlicht 27.07.2004 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

7.2

CVE-2004-0186

Exploit
  • EPSS 0.53%
  • Veröffentlicht 15.03.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.

7.5

CVE-2004-0082

  • EPSS 2.08%
  • Veröffentlicht 03.03.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable pas...

7.5

CVE-2003-1332

Exploit
  • EPSS 6.83%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.

10

CVE-2003-0196

  • EPSS 6.78%
  • Veröffentlicht 05.05.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

10

CVE-2003-0201

Exploit
  • EPSS 83.96%
  • Veröffentlicht 05.05.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

10

CVE-2003-0085

  • EPSS 86.07%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

1.2

CVE-2003-0086

  • EPSS 0.27%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.

7.5

CVE-2002-2196

  • EPSS 11.19%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.

10

CVE-2002-1318

  • EPSS 73.41%
  • Veröffentlicht 11.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to ...