CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8467 – Gentoo Linux Security Advisory 201612-47
https://notcve.org/view.php?id=CVE-2015-8467
29 Dec 2015 — The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535. La función samldb_check_user_account_control_acl en dsdb/samdb/ldb_modul... • http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 1%CPEs: 57EXPL: 0CVE-2015-5330 – libldb: remote memory read in the Samba LDAP server
https://notcve.org/view.php?id=CVE-2015-5330
29 Dec 2015 — ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value. ldb en versiones anteriores a 1.1.24, como se utiliza en el servidor AD LDAP en Samba 4.x en versiones anteriores a 4.1.22, 4.2.x en versiones anteriores a 4.2.7 y 4.3.x en versiones anter... • http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html • CWE-135: Incorrect Calculation of Multi-Byte String Length CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 4%CPEs: 7EXPL: 0CVE-2015-7540 – samba: DoS to AD-DC due to insufficient checking of asn1 memory allocation
https://notcve.org/view.php?id=CVE-2015-7540
29 Dec 2015 — The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets. El servidor LDAP en el controlador de dominio AD en Samba 4.x en versiones anteriores a 4.1.22 no comprueba los valores de retorno para asegurar que la asignación de memoria ASN.1 tuvo éxito, lo que permite a atacantes remotos provocar una denegaci... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 97%CPEs: 96EXPL: 3CVE-2015-0240 – Samba < 3.6.2 (x86) - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2015-0240
23 Feb 2015 — The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. La implentación del servidor Netlogon en smbd en Samba 3.5.x y... • https://packetstorm.news/files/id/180975 • CWE-17: DEPRECATED: Code CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 43EXPL: 0CVE-2014-8143 – Slackware Security Advisory - samba Updates
https://notcve.org/view.php?id=CVE-2014-8143
17 Jan 2015 — Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation. Samba 4.0.x anterior a 4.0.24, 4.1.x anterior a 4.1.16, y 4.2.x anterior a 4.2rc4, cuando un Active Directory Domain Controller (AD DC) está configurado, per... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 90%CPEs: 35EXPL: 0CVE-2014-3560 – samba: remote code execution in nmbd
https://notcve.org/view.php?id=CVE-2014-3560
01 Aug 2014 — NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h. NetBIOS name services daemon (nmbd) en Samba 4.0.x anterior a 4.0.21 y 4.1.x anterior a 4.1.11 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados que modifican la memoria dinámica, inv... • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136280.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 52EXPL: 0CVE-2014-0244 – samba: nmbd denial of service
https://notcve.org/view.php?id=CVE-2014-0244
23 Jun 2014 — The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. La función sys_recvfrom en nmbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de un paquete UDP malformado. A denial of service flaw was found in... • http://advisories.mageia.org/MGASA-2014-0279.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 2%CPEs: 52EXPL: 0CVE-2014-3493 – samba: smbd unicode path names denial of service
https://notcve.org/view.php?id=CVE-2014-3493
23 Jun 2014 — The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. La función push_ascii en smbd en Samba 3.6.x anterior a 3.6.24, 4.0.x anterior a 4.0.19 y 4.1.x anterior a 4.1.9 permite a usuarios remot... • http://advisories.mageia.org/MGASA-2014-0279.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-393: Return of Wrong Status Code •
CVSS: 7.5EPSS: 10%CPEs: 2EXPL: 0CVE-2014-0239 – Ubuntu Security Notice USN-2257-1
https://notcve.org/view.php?id=CVE-2014-0239
28 May 2014 — The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103. El servidor DNS interno en Samba 4.x anterior a 4.0.18 no comprueba el campo QR en la sección de cabecera de un mensaje DNS entrante antes de enviar una respuesta, lo ... • http://secunia.com/advisories/59579 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 29EXPL: 0CVE-2014-0178 – samba: Uninitialized memory exposure
https://notcve.org/view.php?id=CVE-2014-0178
28 May 2014 — Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request. Samba 3.6.6 hasta 3.6.23, 4.0.x anterior a 4.0.18 y 4.1.x anterior a 4.1.8, cuando cierta configuración de copia shadow vfs est... • http://advisories.mageia.org/MGASA-2014-0279.html • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-665: Improper Initialization •