Lucene search
K

10 matches found

Prion
Prion
added 2014/08/06 6:55 p.m.28 views

Heap overflow

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

7.9CVSS8.1AI score0.56378EPSS
Exploits0References14Affected Software3
Cvelist
Cvelist
added 2014/08/06 6:0 p.m.30 views

CVE-2014-3560

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

7.3AI score0.56378EPSS
Exploits0References14
Prion
Prion
added 2014/06/23 2:55 p.m.31 views

Memory corruption

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

2.7CVSS6.7AI score0.07269EPSS
Exploits0References23Affected Software1
Cvelist
Cvelist
added 2014/06/23 2:0 p.m.35 views

CVE-2014-0244

The sysrecvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed UDP packet...

6.1AI score0.20481EPSS
Exploits0References23
Debian CVE
Debian CVE
added 2014/06/23 2:0 p.m.31 views

CVE-2014-3493

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

2.7CVSS8.6AI score0.07269EPSS
Exploits0
Prion
Prion
added 2014/05/28 4:58 a.m.22 views

Server side request forgery (ssrf)

Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRVSNAPSHOTARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memo...

3.5CVSS6.1AI score0.04468EPSS
Exploits0References14Affected Software1
UbuntuCve
UbuntuCve
added 2014/03/14 10:55 a.m.28 views

CVE-2013-6442

The ownerset function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended...

5.8CVSS7.2AI score0.04103EPSS
Exploits1References2
Prion
Prion
added 2014/03/14 10:55 a.m.18 views

Design/Logic Flaw

The ownerset function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended...

5.8CVSS7AI score0.04103EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2014/03/14 10:0 a.m.22 views

CVE-2013-6442

The ownerset function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended...

5.8CVSS5.6AI score0.04103EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/11/22 12:0 a.m.22 views

Mandriva Linux Security Advisory : samba (MDVSA-2013:278)

A vulnerability has been found and corrected in samba : Samba 3.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfsstreamsdepot or vfsstreamsxattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an...

4CVSS7.5AI score0.09017EPSS
Exploits0References5
Rows per page
Query Builder