Searching smb software vulnerabilities

A remote attacker can gain access to a file sys

attacker | system | access | remote | using | file | gain | can |

A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.


A NETBIOS/SMB share password is the default, nu

NETBIOS/SMB | password | missing | default | share | null |

A NETBIOS/SMB share password is the default, null, or missing.


A system-critical NETBIOS/SMB share has inappro

system-critical | inappropriate | NETBIOS/SMB | control | access | share | has |

A system-critical NETBIOS/SMB share has inappropriate access control.


Buffer overflow in pam_smb and pam_ntdom plugga

authentication | pam_ntdom | pluggable | overflow | modules | pam_smb | Buffer |

Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name.


Iomega NAS A300U uses cleartext LANMAN authenti

man-in-the-middle | authentication | cleartext | attackers | CIFS/SMB | mounting | perform | remote | allows | Iomega | attack | LANMAN | drives | A300U | which | uses | NAS |

Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.


Buffer overflow in the SMB/CIFS packet fragment

re-assembly | fragment | SMB/CIFS | overflow | daemon | Buffer | packet | code | SMB |

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.


Buffer overflow in the SMB capability for Micro

capability | Microsoft | overflow | Windows | Buffer | SMB |

Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required.


Buffer overflow in PAM SMB module (pam_smb) 1.1

overflow | module | Buffer | SMB | PAM |

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.


Stack-based buffer overflow in SMB_Logon_Server

SMB_Logon_Server | experimental | Stack-based | FreeRADIUS | overflow | rlm_smb | buffer | module |

Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.


The SMB dissector in Ethereal before 0.10.0 all

dissector | Ethereal | before | SMB |

The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.


Multiple vulnerabilities in the samba filesyste

vulnerabilities | filesystem | Multiple | samba |

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.


Ethereal 0.9.0 through 0.10.7 allows remote att

Ethereal |

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.


Multiple unknown vulnerabilities in the (1) WSP

vulnerabilities | Multiple | unknown |

Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error).


Ethereal 0.10.12 and earlier allows remote atta

Ethereal |

Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled.


The Server Service (SRV.SYS driver) in Microsof

Service | Server |

The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability."


The Server Message Block (SMB) driver (MRXSMB.S

Message | Server | Block |

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) via by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."


The SMB Mailslot parsing functionality in PAM i

functionality | products | multiple | Mailslot | parsing | XPU | ISS | SMB | PAM |

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.


The server driver (srv.sys) in Microsoft Window

driver | server |

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.


Xerox WorkCentre and WorkCentre Pro before 12.0

WorkCentre | before | Xerox | Pro |

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not properly restrict access to SMB file resources, which allows remote attackers to gain unspecified file or directory access via vectors related to (1) visibility of the SMB "Homes" share and (2) SMB file system browsing.


ZynOS 3.40 allows remote attackers to cause a d

ZynOS |

ZynOS 3.40 allows remote attackers to cause a denial of service (link restart) by sending a request for the name \M via the SMB Mail Slot Protocol.


Software vulnerabilities results 1 to 20 of 55     
Page: 123