CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Samba•added 2022/12/15 12:0 a.m.•115 views

RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

Description This is Samba's response to Microsoft's CVE-2022-3802312. Following RFC8429 and as has been published for CVE-2022-3938, rc4-hmac also known as arcfour-hmac-md5 cryptography in Kerberos is weak, then it follows that the RC4 mode in the NETLOGON Secure Channel DCE/RPC bulk encryption i...

8.1CVSS7.4AI score0.00464EPSS

Exploits0

OpenVAS•added 2021/04/19 12:0 a.m.•18 views

SUSE: Security Advisory (SUSE-SU-2016:0814-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03995EPSS

Exploits0References8

Tenable Nessus•added 2016/04/01 12:0 a.m.•18 views

SUSE SLES11 Security Update : samba (SUSE-SU-2016:0905-1)

"This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.5CVSS6.6AI score0.03995EPSS

Exploits0References7

Tenable Nessus•added 2016/01/12 12:0 a.m.•25 views

SUSE SLES11 Security Update : samba (SUSE-SU-2016:0032-1)

This update for Samba fixes the following security issues : - CVE-2015-5330: Remote read memory exploit in LDB bnc958586. - CVE-2015-5252: Insufficient symlink verification file access outside the share bnc958582. - CVE-2015-5296: No man in the middle protection when forcing smb encryption on the...

7.5CVSS6.7AI score0.17333EPSS

Exploits1References21

CERT•added 2008/02/20 12:0 a.m.•47 views

Samba "send_mailslot()" function buffer overflow

Overview The Samba "sendmailslot" function contains a stack-based buffer overflow vulnerability which could be exploited by a remote, unauthenticated attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File...

9.3CVSS8AI score0.48861EPSS

Exploits1References3

seebug.org•added 2007/12/15 12:0 a.m.•23 views

Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC

No description provided by source. / http://secunia.com/secuniaresearch/2007-99/advisory/ A remote attacker could send a specially crafted "SAMLOGON" domain logon packet, possibly leading to the execution of arbitrary code with...

7.1AI score

Exploits0

Exploit DB•added 2007/12/14 12:0 a.m.•100 views

Samba 3.0.27a - 'send_mailslot()' Remote Buffer Overflow

/ http://secunia.com/secuniaresearch/2007-99/advisory/ A remote attacker could send a specially crafted "SAMLOGON" domain logon packet, possibly leading to the execution of arbitrary code with elevated privileges. Note that this vulnerability is exploitable only when domain logon support is enabl...

7.4AI score

Exploits0

exploitpack•added 2007/12/14 12:0 a.m.•26 views

Samba 3.0.27a - send_mailslot() Remote Buffer Overflow

Samba 3.0.27a - sendmailslot Remote Buffer Overflow / http://secunia.com/secuniaresearch/2007-99/advisory/ A remote attacker could send a specially crafted "SAMLOGON" domain logon packet, possibly leading to the execution of arbitrary code with elevated privileges. Note that this vulnerability is...

0.7AI score

Exploits0

NVD•added 2007/12/13 9:46 p.m.•23 views

CVE-2007-6015

Stack-based buffer overflow in the sendmailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON...

9.3CVSS7.8AI score0.48861EPSS

Exploits1References57