Vulnerabilities > Samba > Samba > 2.2.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-11-03 | CVE-2004-0815 | Remote Arbitrary File Access vulnerability in Samba The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | 7.5 |
2004-07-27 | CVE-2004-0686 | Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | 5.0 |
2003-12-31 | CVE-2003-1332 | Remote Security vulnerability in Samba Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | 7.5 |
2003-05-05 | CVE-2003-0201 | Remote Buffer Overflow vulnerability in Samba 'call_trans2open' Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | 10.0 |
2003-05-05 | CVE-2003-0196 | Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | 10.0 |
2003-03-31 | CVE-2003-0086 | Unspecified vulnerability in Samba The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | 1.2 |
2003-03-31 | CVE-2003-0085 | Buffer Overflow vulnerability in Samba SMB/CIFS Packet Assembling Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | 10.0 |
2002-12-11 | CVE-2002-1318 | Buffer Overrun vulnerability in Samba Server Encrypted Password Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | 10.0 |