Vulnerabilities > Samba

DATE CVE VULNERABILITY TITLE RISK
2018-08-22 CVE-2018-1140 Improper Input Validation vulnerability in Samba
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server.
low complexity
samba CWE-20
6.5
2018-08-22 CVE-2018-1139 Insufficiently Protected Credentials vulnerability in multiple products
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled.
network
high complexity
samba redhat canonical CWE-522
8.1
2018-07-27 CVE-2017-12151 Cryptographic Issues vulnerability in multiple products
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3.
network
high complexity
samba redhat debian hp CWE-310
7.4
2018-07-26 CVE-2017-12150 It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
network
high complexity
samba redhat debian
7.4
2018-07-26 CVE-2017-12163 An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.
low complexity
samba redhat debian
7.1
2018-03-13 CVE-2018-1057 Incorrect Authorization vulnerability in multiple products
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).
network
low complexity
debian canonical samba CWE-863
8.8
2018-03-13 CVE-2018-1050 NULL Pointer Dereference vulnerability in multiple products
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon.
4.3
2018-03-12 CVE-2017-2619 Link Following vulnerability in multiple products
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
network
high complexity
samba redhat debian CWE-59
7.5
2018-01-17 CVE-2018-5764 The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.
network
low complexity
samba debian canonical
7.5
2017-12-06 CVE-2017-17434 The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure (in the recv_files function in receiver.c) and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings (in the read_ndx_and_attrs function in rsync.c), which allows remote attackers to bypass intended access restrictions.
network
low complexity
samba debian
critical
9.8