Lucene search
K

9 matches found

Samba
Samba
added 2022/01/31 12:0 a.m.141 views

Information leak via symlinks of existance of

Description All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this atta...

4.3CVSS6.7AI score0.01097EPSS
Exploits0
Samba
Samba
added 2018/08/14 12:0 a.m.536 views

Insufficient input validation on client directory

Description Samba releases 3.2.0 to 4.8.3 inclusive contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing. Patch Availability Patches addressing this issue have been posted to:...

8.8CVSS0.8AI score0.04302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/09/22 12:0 a.m.54 views

CentOS 7 : samba (CESA-2017:2790)

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.4CVSS6.3AI score0.13334EPSS
Exploits0References4
Cent OS
Cent OS
added 2017/09/21 5:20 p.m.75 views

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2017:2790 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.4CVSS6.6AI score0.13334EPSS
Exploits0References7
Samba
Samba
added 2015/12/16 12:0 a.m.566 views

Denial of service in Samba Active Directory

Description All versions of Samba from 4.0.0 to 4.3.2 inclusive resp. all ldb versions up to 1.1.23 inclusive are vulnerable to a denial of service attack in the samba daemon LDAP server. A malicious client can send packets that cause the LDAP server in the samba daemon process to become...

5.3CVSS6.4AI score0.06884EPSS
Exploits0
Samba
Samba
added 2014/06/23 12:0 a.m.519 views

Denial of service - Server crash/memory corruption

Description All current released versions of Samba are vulnerable to a denial of service on the smbd file server daemon. Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request. The crash is caused by memory bein...

2.7CVSS9.2AI score0.07269EPSS
Exploits0
Samba
Samba
added 2014/06/23 12:0 a.m.539 views

Denial of service - CPU loop

Description All current released versions of Samba are vulnerable to a denial of service on the nmbd NetBIOS name services daemon. A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. This flaw is not exploitable beyond causing the code to loo...

3.3CVSS7.5AI score0.20481EPSS
Exploits0
Samba
Samba
added 2012/01/29 12:0 a.m.48 views

Memory leak/Denial of service.

Description Samba versions 3.6.0 to 3.6.2 inclusive are vulnerable to a memory leak that can cause a server denial of service. The Samba smbd daemon that listens for incoming connections leaks a small amount of memory on every connection attempt. Although this is a small leak, it happens on every...

5CVSS6AI score0.03532EPSS
Exploits0
Samba
Samba
added 2009/06/23 12:0 a.m.53 views

Uninitialized read of a data value

Description The smbd daemon in Samba 3.0.31 - 3.3.5 contains an uninitialized read of a data value that can potentially affect access control. If a user is trying to modify an access control list ACL and is denied permission, this deny may be overridden if the parameter "dos filemode" is set to...

5.8CVSS7.2AI score0.04606EPSS
Exploits2
Rows per page
Query Builder