National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:samba:samba:2.2.7a
There are 29 matching records.
Displaying matches 21 through 29.
Vuln ID Summary CVSS Severity
CVE-2004-0829

smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2004-2546

Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 6.4 MEDIUM
CVE-2004-2687

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.

Published: December 31, 2004; 12:00:00 AM -05:00
V2: 9.3 HIGH
CVE-2004-0815

The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.

Published: November 03, 2004; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2003-1332

Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.

Published: December 31, 2003; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Published: May 05, 2003; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Published: May 05, 2003; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2003-0085

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

Published: March 31, 2003; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.

Published: March 31, 2003; 12:00:00 AM -05:00
V2: 1.2 LOW