CVE-2000-0936 – Samba 2.0.7 - SWAT Logfile Permissions
https://notcve.org/view.php?id=CVE-2000-0936
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. • https://www.exploit-db.com/exploits/20341 http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html http://www.securityfocus.com/bid/1874 https://exchange.xforce.ibmcloud.com/vulnerabilities/5445 •
CVE-2000-0937 – Samba 2.0.7 - SWAT Logging Failure
https://notcve.org/view.php?id=CVE-2000-0937
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks. • https://www.exploit-db.com/exploits/20340 http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html http://www.securityfocus.com/bid/1873 https://exchange.xforce.ibmcloud.com/vulnerabilities/5442 •
CVE-2000-0938
https://notcve.org/view.php?id=CVE-2000-0938
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5442 •
CVE-2000-0939
https://notcve.org/view.php?id=CVE-2000-0939
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5444 •
CVE-1999-0812
https://notcve.org/view.php?id=CVE-1999-0812
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0812 •