59 matches found
Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017521)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017521 advisory. A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to...
MiracleLinux 3 : samba-3.0.24-10AX (AXSA:2008-78:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-78:02 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files and printers...
EUVD-2013-4344
Malware in sbrugna...
EUVD-2019-6010
Malware in sbrugna...
EUVD-2019-6007
Malware in sbrugna...
EUVD-2019-5985
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-0240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs ...
Linux Distros Unpatched Vulnerability : CVE-2017-2619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not...
SUSE CVE-2009-1886
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...
SUSE CVE-2013-4496
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts...
SUSE CVE-2014-8143
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of...
SUSE CVE-2016-2115
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream...
SUSE CVE-2017-12150
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text...
SUSE CVE-2018-16857
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords to restrict brute forcing of passwords in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this issue is with regards to domains that have been...
AZL-44859 CVE-2021-44758 affecting package samba for versions less than 4.18.3-1
Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept...
EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1459)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperabilit...
Samba 3.6.6 <= 4.1.7 Uninitialized Memory Exposure vulnerability (CVE-2014-0178)
Samba 3.6.6 to 4.1.7 are affected by a vulnerability that allows an authenticated client to retrieve eight bytes of uninitialized server memory when a shadow-copy VFS module is enabled.
Samba 3.2.0 <= 3.2.2 Elevate Privileges Vulnerability (CVE-2008-3789)
Wrong permissions of group_mapping.ldb.
AZL-36997 CVE-2020-27840 affecting package samba for versions less than 4.18.3-1
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...
DEBIAN-CVE-2020-10760
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in an AD DC configuration. A Samba LDAP user could use this flaw to crash samba...