1862 matches found
DEBIAN-CVE-2007-0080
Buffer overflow in the SMBConnectServer function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMBHandleType instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that...
Design/Logic Flaw
The Server Message Block SMB driver MRXSMB.SYS in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service hang by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock,...
CVE-2006-2373
The Server Message Block SMB driver MRXSMB.SYS in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHODNEITHER method flag and an arbitrary address, possibly f...
CVE-2006-2374
The Server Message Block SMB driver MRXSMB.SYS in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service hang by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock,...
PT-2006-3338 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to XP SP3 and Server 2003 SP2 Description: The issue is related to a denial of service vulnerability in the Server Message Block SMB driver. It allows local users to cause a system hang by calling the...
MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
The remote version of Windows contains a version of SMB Server Message Block protocol that is affected by several vulnerabilities. An attacker may exploit these flaws to elevate his privileges and gain control of the remote host. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...
security flaw
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...
security flaw
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service crash from null dereference via the 1 Sniffer capture or 2 SMB PIPE dissector...
security flaw
Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service crash via unknown vectors in 1 the IrDA dissector and 2 the SMB dissector when SMB transaction payload reassembly is enabled...
security flaw
Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service memory consumption via unknown attack vectors...
CVE-2005-1206
Buffer overflow in the Server Message Block SMB functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."...
Microsoft Server Message Block vulnerable to buffer overflow
Overview Microsoft Server Message Block SMB is vulnerable to a buffer handling flaw when processing incoming SMB packets that may lead to remote code execution. Description Server Message Block is a protocol which allows sharing of files, printers, serial ports, and other abstractions. The SMB...
CVE-2005-0045
The Server Message Block SMB implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing 1 Trans or 2 Trans2 commands, aka the "Server Message Block...
CVE-2005-0045
The Server Message Block SMB implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing 1 Trans or 2 Trans2 commands, aka the "Server Message Block...
MS05-011: Vulnerability in SMB may allow remote code execution (885250)
The remote version of Windows contains a flaw in the Server Message Block SMB implementation that could allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to send malformed responses to the remote SMB client, and would be able to either...
security flaw
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service CPU consumption via a certain malformed SMB packet...
PT-2004-2107 · Ethereal +1 · Ethereal +1
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.0 through 0.10.7 Description: The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by sending a certain malformed SMB packet. Recommendations: For versions 0.9.0 through 0.10.7,...
CVE-2002-1256
CVE-2002-1256 describes a flaw in SMB signing in Windows 2000/XP that lets an attacker disable SMB signing in a session and inject unsigned data, potentially modifying group policy information sent from a domain controller. Affected products are Microsoft Windows 2000 and Windows XP; the root cau...
security flaw
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service process crash via a handle without a policy name, which causes a null dereference...
PT-2004-1726 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.15 through 0.10.4 Description: The issue allows remote attackers to cause a denial of service, resulting in a process crash, by exploiting the SMB SID snooping capability via a handle without a policy name, leading to a...