Vulnerabilities > Samba > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-01 | CVE-2004-1002 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. | 7.5 |
2004-11-03 | CVE-2004-0815 | Remote Arbitrary File Access vulnerability in Samba The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | 7.5 |
2004-03-15 | CVE-2004-0186 | Local Privilege Elevation vulnerability in Linux Kernel Samba Share smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | 7.2 |
2004-03-03 | CVE-2004-0082 | Unspecified vulnerability in Samba 3.0.0/3.0.1 The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | 7.5 |
2004-02-03 | CVE-2004-0028 | Remote Arbitrary Command Execution vulnerability in Samba Jitterbug 1.6.2 jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | 7.5 |
2003-12-31 | CVE-2003-1332 | Remote Security vulnerability in Samba Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | 7.5 |
2002-12-31 | CVE-2002-2196 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Samba Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |
2000-12-19 | CVE-2000-0937 | Unspecified vulnerability in Samba 2.0.7 Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. | 7.5 |
2000-12-19 | CVE-2000-0935 | Unspecified vulnerability in Samba 2.0.7 Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | 7.2 |
2000-07-12 | CVE-1999-0812 | Unspecified vulnerability in Samba 2.0.5 Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | 7.6 |