CVE-2021-43566: Malicious client using an SMB1 or NFS race to allow
a directory to be created in an area of the server file system not
exported under the share definition.
CVE-2021-44141: Information leak via symlinks of existance of files
or directories outside of the exported share.
CVE-2021-44142: Out-of-bounds heap read/write vulnerability
in VFS module vfs_fruit allows code execution.
CVE-2022-0336: Samba AD users with permission to write to
an account can impersonate arbitrary services.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsamba413< 4.13.17UNKNOWN
FreeBSDanynoarchsamba414< 4.14.12UNKNOWN
FreeBSDanynoarchsamba415< 4.15.5UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	samba413	< 4.13.17	UNKNOWN
FreeBSD	any	noarch	samba414	< 4.14.12	UNKNOWN
FreeBSD	any	noarch	samba415	< 4.15.5	UNKNOWN

References

www.samba.org/samba/security/CVE-2021-43566.html

www.samba.org/samba/security/CVE-2021-44141.html

www.samba.org/samba/security/CVE-2021-44142.html

www.samba.org/samba/security/CVE-2022-0336.html

nessus 51

openvas 39

fedora 2

osv 11

malwarebytes 1

thn 1

ubuntu 3

cisa 2

redos 1

mageia 1

ibm 8

kaspersky 2

altlinux 1

suse 3

debian 1

prion 4

samba 4

veracode 4

cve 4

alpinelinux 4

cbl_mariner 4

cnvd 1

ubuntucve 4

f5 3

debiancve 4

rocky 4

redhatcve 4

paloalto 1

oraclelinux 3

redhat 11

zdi 3

cert 1

trendmicroblog 1

threatpost 1

githubexploit 3

cloudfoundry 1

almalinux 2

centos 1

nessus

FreeBSD : samba -- Multiple Vulnerabilities (8579074c-839f-11ec-a3b2-005056a311d1)

2022-02-02 00:00:00

EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-2038)

2022-07-15 00:00:00

EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1438)

2022-04-18 00:00:00

openvas

Ubuntu: Security Advisory (USN-5260-1)

2022-02-02 00:00:00

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2589)

2022-10-12 00:00:00

QNAP QuTS hero Multiple Samba Vulnerabilities (QSA-22-03)

2022-05-30 00:00:00

fedora

[SECURITY] Fedora 34 Update: samba-4.14.12-0.fc34

2022-02-03 01:12:33

[SECURITY] Fedora 35 Update: samba-4.15.5-0.fc35

2022-02-02 01:26:36

osv

samba vulnerabilities

2022-02-01 11:52:14

CVE-2021-43566

2022-01-11 16:15:07

CVE-2021-44141

2022-02-21 18:15:08

malwarebytes

Samba patches critical vulnerability that allows remote code execution as root

2022-02-01 15:22:52

thn

New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root

2022-02-01 04:16:00

ubuntu

Samba vulnerabilities

2022-02-01 00:00:00

Samba vulnerability

2022-02-03 00:00:00

Samba vulnerability

2022-02-01 00:00:00

cisa

Samba Releases Security Updates

2022-02-01 00:00:00

Samba Releases Security Update

2022-01-11 00:00:00

redos

ROS-20220208-01

2022-02-08 00:00:00

mageia

Updated samba packages fix security vulnerability

2022-02-09 23:46:00

ibm

Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141)

2022-03-02 14:24:21

Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-43566)

2022-04-27 11:10:48

Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to arbitrary code execution (CVE-2021-44142).

2022-02-25 13:06:29

kaspersky

KLA12439 Multiple vulnerabilities in Samba

2022-01-31 00:00:00

KLA12440 OSI vulnerability in Samba

2022-01-31 00:00:00

altlinux

Security fix for the ALT Linux 10 package samba version 4.14.12-alt1

2022-02-09 00:00:00

suse

Security update for samba (important)

2022-02-01 00:00:00

Security update for samba (critical)

2022-02-01 00:00:00

Security update for samba (critical)

2022-02-01 00:00:00

debian

[SECURITY] [DSA 5071-1] samba security update

2022-02-11 15:11:29

prion

Design/Logic Flaw

2022-01-11 16:15:00

Arbitrary file deletion

2022-02-21 18:15:00

Heap overflow

2022-02-21 15:15:00

samba

Information leak via symlinks of existance of

2022-01-31 00:00:00

Symlink race error can allow directory creation

2022-01-10 00:00:00

Out-of-bounds heap read/write vulnerability

2022-01-31 00:00:00

veracode

Directory Traversal

2022-02-03 20:44:50

Information Disclosure

2022-02-03 11:21:55

Remote Code Execution (RCE)

2022-02-03 11:21:59

cve

CVE-2021-43566

2022-01-11 16:15:00

CVE-2021-44141

2022-02-21 18:15:00

CVE-2021-44142

2022-02-21 15:15:00

alpinelinux

CVE-2021-43566

2022-01-11 16:15:00

CVE-2021-44141

2022-02-21 18:15:00

CVE-2022-0336

2022-08-29 15:15:00

cbl_mariner

CVE-2021-43566 affecting package samba 4.12.5-6

2024-04-26 09:06:34

CVE-2021-44141 affecting package samba 4.12.5-6

2024-04-26 09:06:34

CVE-2021-44142 affecting package samba 4.12.5-6

2024-04-26 09:06:34

cnvd

Samba competition condition issue vulnerability

2022-01-12 00:00:00

ubuntucve

CVE-2021-44141

2022-01-31 00:00:00

CVE-2021-43566

2022-01-11 00:00:00

CVE-2021-44142

2022-01-31 00:00:00

K45752041 : Samba vulnerability CVE-2021-44141

2022-02-11 00:00:00

K08602542 : SAMBA vulnerability CVE-2022-0336

2022-02-11 00:00:00

K84695749 : Samba vulnerability CVE-2021-44142

2022-02-02 00:00:00

debiancve

CVE-2021-44141

2022-02-21 18:15:00

CVE-2021-43566

2022-01-11 16:15:00

CVE-2022-0336

2022-08-29 15:15:00

rocky

samba bug fix and enhancement update

2021-11-09 09:21:40

samba security and bug fix update

2022-02-01 03:32:27

samba security, bug fix, and enhancement update

2022-05-10 08:15:39

redhatcve

CVE-2021-43566

2022-01-11 05:28:47

CVE-2021-44141

2022-01-31 15:06:29

CVE-2021-44142

2022-01-31 15:06:30

paloalto

Informational: Impact of the Samba Vulnerability CVE-2021-44142 on PAN-OS

2022-03-09 17:00:00

oraclelinux

samba security and bug fix update

2022-02-01 00:00:00

samba security and bug fix update

2022-02-01 00:00:00

samba security, bug fix, and enhancement update

2022-05-17 00:00:00

redhat

(RHSA-2022:0458) Critical: samba security update

2022-02-07 17:28:27

(RHSA-2022:0330) Critical: samba security update

2022-01-31 15:40:27

(RHSA-2022:0663) Critical: samba security update

2022-02-23 18:47:36

zdi

(Pwn2Own) Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability

2022-02-01 00:00:00

(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability

2022-02-01 00:00:00

Samba AppleDouble Entry Heap-based Buffer Overflow Remote Code Execution Vulnerability

2022-02-01 00:00:00

cert

Samba vfs_fruit module insecurely handles extended file attributes

2022-01-31 00:00:00

trendmicroblog

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

2022-02-02 00:00:00

threatpost

Samba 'Fruit' Bug Allows RCE, Full Root User Access

2022-02-01 20:02:02

githubexploit

Exploit for Out-of-bounds Read in Samba

2022-03-29 17:32:25

Exploit for Out-of-bounds Read in Samba

2022-03-29 19:03:38

Exploit for Out-of-bounds Read in Samba

2022-04-22 04:46:54

cloudfoundry

USN-5260-2: Samba vulnerability | Cloud Foundry

2022-03-10 00:00:00

almalinux

Moderate: samba security, bug fix, and enhancement update

2022-05-10 00:00:00

Critical: samba security and bug fix update

2022-01-31 15:40:41

centos

ctdb, libsmbclient, libwbclient, samba security update

2022-02-01 18:03:11

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.136 Low

EPSS

Percentile

95.5%

JSON

Related for 8579074C-839F-11EC-A3B2-005056A311D1