8 matches found
Missing access checks on reparse point
Description Starting with Samba 4.21, users can create and delete NTFS-style reparse points https://en.wikipedia.org/wiki/NTFSreparsepoint via the SMB protocol. The Reparse Point Metadata is stored in an extended attribute named "user.SmbReparse" together with the FILEATTRIBUTEREPARSEPOINT bit in...
EUVD-1999-0792
Malware in sbrugna...
SUSE CVE-2015-5252
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share...
NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Vulnerability (NS-SA-2021-0114)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by a vulnerability: - A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw...
Negative idmap cache entries can cause incorrect
Description The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could caus...
DEBIAN-CVE-2010-1635
The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...
iDEFENSE Security Advisory 12.16.04: Samba smbd Security Descriptor Integer Overflow Vulnerability
Samba smbd Security Descriptor Integer Overflow Vulnerability iDEFENSE Security Advisory 12.16.04 http://www.idefense.com/application/poi/display?id=165 December 16, 2004 I. BACKGROUND Samba is an open source implementation of the SMB/CIFS protocol which allows Windows clients to use resources on...
CVE-1999-0811
Buffer overflow in Samba smbd program via a malformed message command...