Vulnerabilities > Samba
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2546 | Denial-Of-Service vulnerability in Samba Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | 6.4 |
| 2004-12-31 | CVE-2004-0829 | Unspecified vulnerability in Samba smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. | 5.0 |
| 2004-12-31 | CVE-2004-0808 | Unspecified vulnerability in Samba The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | 5.0 |
| 2004-11-03 | CVE-2004-0815 | Remote Arbitrary File Access vulnerability in Samba The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | 7.5 |
| 2004-09-13 | CVE-2004-0807 | Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | 5.0 |
| 2004-07-27 | CVE-2004-0686 | Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | 5.0 |
| 2004-07-27 | CVE-2004-0600 | Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | 10.0 |
| 2004-03-15 | CVE-2004-0186 | Local Privilege Elevation vulnerability in Linux Kernel Samba Share smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | 7.2 |
| 2004-03-03 | CVE-2004-0082 | Unspecified vulnerability in Samba 3.0.0/3.0.1 The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | 7.5 |
| 2004-02-03 | CVE-2004-0028 | Remote Arbitrary Command Execution vulnerability in Samba Jitterbug 1.6.2 jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | 7.5 |