Vulnerabilities > Samba

DATE CVE VULNERABILITY TITLE RISK
2018-11-28 CVE-2018-16853 Resource Exhaustion vulnerability in Samba
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration.
network
high complexity
samba CWE-400
5.9
5.9
2018-11-28 CVE-2018-16852 NULL Pointer Dereference vulnerability in Samba 4.9.0/4.9.1/4.9.2
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference.
network
high complexity
samba CWE-476
4.4
4.4
2018-11-28 CVE-2018-16851 NULL Pointer Dereference vulnerability in multiple products
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-476
6.5
6.5
2018-11-28 CVE-2018-16841 Double Free vulnerability in multiple products
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service.
network
low complexity
samba canonical debian CWE-415
6.5
6.5
2018-11-28 CVE-2018-14629 Infinite Loop vulnerability in multiple products
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3.
network
low complexity
samba canonical debian CWE-835
6.5
6.5
2018-11-01 CVE-2016-2123 Unspecified vulnerability in Samba
A flaw was found in samba versions 4.0.0 to 4.5.2.
network
low complexity
samba
8.8
8.8
2018-10-31 CVE-2016-2125 Improper Input Validation vulnerability in multiple products
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication.
low complexity
samba redhat CWE-20
6.5
6.5
2018-08-22 CVE-2018-10919 Information Exposure vulnerability in multiple products
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks.
network
low complexity
canonical debian samba CWE-200
6.5
6.5
2018-08-22 CVE-2018-10918 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer.
network
low complexity
canonical samba CWE-476
6.5
6.5
2018-08-22 CVE-2018-10858 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing.
network
low complexity
debian canonical samba redhat CWE-119
8.8
8.8