samba software vulnerabilities
vulnerabilities.aspcode.net
Searching samba software vulnerabilities
Samba Web Administration Tool (SWAT) in Samba 2
Administration
|
Samba
|
Tool
|
Web
|
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.
Samba before 2.2.0 allows local attackers to ov
before
|
Samba
|
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
Vulnerability in CIFS/9000 Server (SAMBA) A.01.
Vulnerability
|
CIFS/9000
|
Server
|
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
Samba before 2.2.5 does not properly terminate
before
|
Samba
|
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.
Buffer overflow in the SMB/CIFS packet fragment
re-assembly
|
fragment
|
SMB/CIFS
|
overflow
|
daemon
|
Buffer
|
packet
|
code
|
SMB
|
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
The code for writing reg files in Samba before
writing
|
before
|
Samba
|
files
|
code
|
reg
|
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
Multiple buffer overflows in Samba before 2.2.8
vulnerability
|
CVE-2003-0201
|
discovered
|
attackers
|
arbitrary
|
overflows
|
different
|
Multiple
|
execute
|
service
|
denial
|
buffer
|
before
|
remote
|
Samba
|
allow
|
cause
|
than
|
code
|
228a
|
team
|
may
|
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
Buffer overflow in the call_trans2open function
call_trans2open
|
function
|
overflow
|
trans2c
|
before
|
Buffer
|
Samba
|
228a
|
22x
|
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
Stack-based buffer overflow in the reply_nttran
vulnerability
|
reply_nttrans
|
CVE-2003-0201
|
Stack-based
|
attackers
|
arbitrary
|
different
|
function
|
overflow
|
crafted
|
request
|
execute
|
earlier
|
allows
|
buffer
|
remote
|
Samba
|
than
|
227a
|
code
|
via
|
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
Buffer overflow in the Samba Web Administration
Administration
|
overflow
|
Buffer
|
Samba
|
Tool
|
Web
|
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.
overflow
|
Buffer
|
Samba
|
22x
|
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
Samba 3.0.6 and earlier allows remote attackers
Samba
|
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
smbd in Samba before 2.2.11 allows remote attac
before
|
Samba
|
smbd
|
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.
Buffer overflow in the QFILEPATHINFO request ha
QFILEPATHINFO
|
overflow
|
handler
|
through
|
request
|
Buffer
|
Samba
|
30x
|
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Multiple vulnerabilities in the samba filesyste
vulnerabilities
|
filesystem
|
Multiple
|
samba
|
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
The ms_fnmatch function in Samba 3.0.4 and 3.0.
ms_fnmatch
|
function
|
Samba
|
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
SecureCRT 4.0, 4.1, and possibly other versions
arbitrary
|
attackers
|
SecureCRT
|
versions
|
possibly
|
commands
|
execute
|
allows
|
remote
|
other
|
via
|
SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share.
Multiple memory leaks in Samba before 3.0.6 all
Multiple
|
before
|
memory
|
Samba
|
leaks
|
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
Buffer overflow in the spa_base64_to_bits funct
spa_base64_to_bits
|
function
|
overflow
|
before
|
Buffer
|
Exim
|
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
Unspecified vulnerability in HP-UX B.11.11 and
vulnerability
|
Unspecified
|
Server
|
B1123
|
HP-UX
|
B1111
|
CIFS
|
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
Software vulnerabilities results 1 to 20 of 38
Page:
1
2
►