Lucene search
K

4 matches found

seebug.org
seebug.org
added 2007/02/07 12:0 a.m.69 views

Samba服务器VFS插件afsacl.so远程格式串处理漏洞

Samba是一套实现SMB(Server Messages Block)协议、跨平台进行文件共享和打印共享服务的程序。 Samba的VFS插件afsacl.so库在处理文件名时存在格式串漏洞,攻击者可能利用此漏洞诱使用户处理恶意的VFS分区控制服务器。 Samba在调用snprintf时将磁盘上所储存的文件名用作了格式串,如果用户能够写入的共享使用Samba的afsacl.so库对AFS文件系统上的文件设置Windows NT访问控制列表的话,就可能通过文件名中的格式串标识符导致执行任意代码。 这个漏洞仅影响与CIFS共享了AFS文件系统并在smb.conf中明确要求加载afsacl.s...

7.5CVSS0.1AI score0.06412EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2007/02/06 2:28 a.m.28 views

CVE-2007-0452

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

6.8CVSS7.3AI score0.0459EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/02/05 12:0 a.m.95 views

[SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Potential Denial of Service bug in smbd == CVE ID: CVE-2007-0452 == == Versions: Samba 3.0.6 - 3.0.23d inclusive == == Summary: A logic error in the deferred open code == can le...

6.8CVSS7.2AI score0.0459EPSS
Exploits1
CVE
CVE
added 2004/09/14 4:0 a.m.66 views

CVE-2004-0808

CVE-2004-0808 affects Samba 3.0.6 and earlier, where the nmbd server can be remotely DoSed via a SAM_UAS_CHANGE request with an overly large length when domain logons are enabled. The provided documents identify a Samba vulnerability and reference a Red Hat advisory (RHSA-2004:467) and other CVE ...

5CVSS6.2AI score0.05355EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder