Missing access checks on reparse point

Description Starting with Samba 4.21, users can create and delete NTFS-style reparse points https://en.wikipedia.org/wiki/NTFSreparsepoint via the SMB protocol. The Reparse Point Metadata is stored in an extended attribute named "user.SmbReparse" together with the FILEATTRIBUTEREPARSEPOINT bit in...

CVE-2026-7068

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

CVE-2026-7068

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

CVE-2026-7068

CVE-2026-7068 affects D-Link DIR-825 (firmware 3.00b32) in the nmbd component, specifically NMBD_process in sserver.c, causing a buffer overflow. Impacted action is local-network based, with confidentiality/integrity/availability rated high by CVSS data; exploit maturity noted as PROOF-OF-CONCEPT...

EUVD-2026-25739

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

EUVD-1999-0791

Malware in sbrugna...

SUSE CVE-2004-0808

The processlogonpacket function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAMUASCHANGE request with a length value that is larger than the number of structures that are provided...

SUSE CVE-2007-4572

Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests...

SUSE CVE-2007-5398

Stack-based buffer overflow in the replynetbiospacket function in nmbd/nmbdpackets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request...

SUSE CVE-2007-6015

Stack-based buffer overflow in the sendmailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON...

SUSE CVE-2014-0244

The sysrecvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed UDP packet...

Samba 3.0.0 <= 3.0.6 Multiple Vulnerabilities

Samba 3.0.x = 3.0.6 DoS Vulnerabilities Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute ...

Oracle: Security Advisory (ELSA-2014-1008)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities

Binary data 8757.prm...

Samba 4.x < 4.0.21 / 4.1.x < 4.1.11 nmbd Remote Code Execution

Binary data 8759.prm...

Samba nmbd unstrcpy Buffer Overflow (CVE-2014-3560)

A buffer overflow vulnerability has been reported in Samba server. The vulnerability is due to using incorrect buffer size in a string copy operation in the nmbd daemon. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious packets to a vulnerable nmbd service...

CentOS Update for libsmbclient CESA-2014:0867 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-3560

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

CVE-2014-3560

CVE-2014-3560 affects Samba’s NetBIOS name service daemon (nmbd). The issue lies in a heap-memory corruption caused by a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h, impacting Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11. This enables remote code exec...

Oracle Linux 6 : samba4 (ELSA-2014-1009)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-1009 advisory. - resolves: 1126011 - CVE-2014-3560: remote code execution in nmbd. - resolves: 1105501 - CVE-2014-0244: DoS in nmbd. - resolves: 1108842 - CVE-2014-3493: DoS i...