U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:samba:samba:2.0.6
There are 44 matching records.
Displaying matches 41 through 44.
Vuln ID Summary CVSS Severity
CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.

Published: March 31, 2003; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 1.2 LOW
CVE-2002-2196

Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.

Published: December 31, 2002; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2001-0406

Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.

Published: July 02, 2001; 12:00:00 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2001-1162

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Published: June 23, 2001; 12:00:00 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH