Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:samba:samba:3.6.7:*:*:*:*:*:*:*
There are 33 matching records.
Displaying matches 21 through 33.
Vuln ID Summary CVSS Severity
CVE-2016-2118

The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."

Published: April 12, 2016; 7:59:37 PM -0400
V3.1: 7.5 HIGH
V2.0: 6.8 MEDIUM
CVE-2015-7560

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

Published: March 13, 2016; 6:59:00 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2014-3493

The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.

Published: June 23, 2014; 10:55:05 AM -0400
V3.x:(not available)
V2.0: 2.7 LOW
CVE-2014-0244

The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.

Published: June 23, 2014; 10:55:05 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2014-0178

Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.

Published: May 28, 2014; 12:58:32 AM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2013-4496

Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.

Published: March 14, 2014; 6:55:05 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-4408

Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.

Published: December 10, 2013; 1:14:55 AM -0500
V3.x:(not available)
V2.0: 8.3 HIGH
CVE-2012-6150

The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.

Published: December 03, 2013; 2:55:03 PM -0500
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2013-4475

Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).

Published: November 13, 2013; 10:55:03 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-4124

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Published: August 05, 2013; 10:56:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-0214

Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.

Published: February 02, 2013; 3:55:03 PM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2013-0213

The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.

Published: February 02, 2013; 3:55:03 PM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2011-2411

Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.

Published: October 02, 2011; 4:55:00 PM -0400
V3.x:(not available)
V2.0: 9.0 HIGH