Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:samba:samba:4.2.11:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1050 |
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. Published: March 13, 2018; 12:29:00 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 3.3 LOW |
CVE-2017-2619 |
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. Published: March 12, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 6.0 MEDIUM |
CVE-2017-15275 |
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. Published: November 27, 2017; 5:29:00 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-14746 |
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. Published: November 27, 2017; 5:29:00 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-11103 |
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated. Published: July 13, 2017; 9:29:00 AM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-9461 |
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. Published: June 06, 2017; 5:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
CVE-2017-7494 |
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Published: May 30, 2017; 2:29:00 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2016-2126 |
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions. Published: May 11, 2017; 10:29:58 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-2119 |
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag. Published: July 07, 2016; 11:59:00 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 6.8 MEDIUM |
CVE-2011-2411 |
Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. Published: October 02, 2011; 4:55:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.0 HIGH |