Vulnerabilities > Samba

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1332 Remote Security vulnerability in Samba
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
network
low complexity
linux samba
7.5
2003-05-05 CVE-2003-0201 Remote Buffer Overflow vulnerability in Samba 'call_trans2open'
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
network
low complexity
samba samba-tng apple compaq hp sun
critical
10.0
2003-05-05 CVE-2003-0196 Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
network
low complexity
samba samba-tng compaq hp sun
critical
10.0
2003-03-31 CVE-2003-0086 Unspecified vulnerability in Samba
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
local
high complexity
samba
1.2
2003-03-31 CVE-2003-0085 Buffer Overflow vulnerability in Samba SMB/CIFS Packet Assembling
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
network
low complexity
samba hp
critical
10.0
2002-12-31 CVE-2002-2196 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Samba
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.
network
low complexity
samba CWE-119
7.5
2002-12-11 CVE-2002-1318 Buffer Overrun vulnerability in Samba Server Encrypted Password
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
network
low complexity
samba sgi hp
critical
10.0
2002-03-15 CVE-2002-0080 Improper Privilege Management vulnerability in multiple products
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
local
low complexity
samba redhat CWE-269
2.1
2001-07-02 CVE-2001-0406 Symbolic Link vulnerability in Samba Insecure TMP file
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
local
low complexity
samba
2.1
2001-06-23 CVE-2001-1162 Remote Arbitrary File Creation vulnerability in Samba
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a ..
network
low complexity
samba hp
critical
10.0