CVSS: 9.8EPSS: 4%CPEs: 7EXPL: 0CVE-2013-4496 – samba: Password lockout not enforced for SAMR password changes
https://notcve.org/view.php?id=CVE-2013-4496
14 Mar 2014 — Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts. Samba 3.x anterior a 3.6.23, 4.0.x anterior a 4.0.16 y 4.1.x anterior a 4.1.6 no fuerza el mecanismo de protección de adivinación de contraseña para todas las interfaces, lo que facilita a atacantes remotos obtener acceso a través de int... • http://advisories.mageia.org/MGASA-2014-0138.html • CWE-255: Credentials Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 188EXPL: 0CVE-2013-4408 – samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check
https://notcve.org/view.php?id=CVE-2013-4408
10 Dec 2013 — Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. Desbordamiento de búfer en la función dcerpc_read_ncacn_packet_done en librpc/rpc/dcerpc_util.c en winbindd en Samba 3.x anterior a 3.6.22, 4.0.x anterior a 4.0.13 y 4.1.x anterior a 4.1.3 que permite a los contro... • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 2CVE-2012-6150 – samba: pam_winbind fails open when non-existent group specified to require_membership_of
https://notcve.org/view.php?id=CVE-2012-6150
03 Dec 2013 — The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake. La función winbind_name_list_to_sid_string_list en nsswitch/pam_winbind.c en Samba hasta v4.1.2 maneja nombres de grupo require_membership_... • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html • CWE-20: Improper Input Validation •