CVE-2004-0815
https://notcve.org/view.php?id=CVE-2004-0815
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. La función unix_clena_name en Samba 2.2.x a 2.2.11, y 3.0.x anterirores a 3.0.2a, recorta ciertos nombres de directorio a sus rutas absolutas, lo que podría permitir a atacantes evitar la restricticiones de espeficadas de lectura, ejecución y listado de carpetas compartidas mediante secuencias del estilo "/.////" en rutas. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109655827913457&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101584-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57664-1 http://sunsolve.sun.com/search/document.do? •
CVE-2004-0808
https://notcve.org/view.php?id=CVE-2004-0808
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109509335230495&w=2 http://marc.info/?l=bugtraq&m=109526231623307&w=2 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=138&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php? •
CVE-2004-0807
https://notcve.org/view.php?id=CVE-2004-0807
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. • ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109509335230495&w=2 http://marc.info/?l=bugtraq&m=109526231623307&w=2 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php? •
CVE-2004-0686
https://notcve.org/view.php?id=CVE-2004-0686
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Desbordamiento de búfer en Samba 2.2.x a 2.2.9 y 3.0.0 a 3.0.4, cuando la opción "mangling method = hash" está establecida en smb.conf, con impacto y vectores de ataque desconocidos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854 http://marc.info/?l=bugtraq&m=109051340810458&w=2 http://marc.info/?l=bugtraq&m=109051533021376&w=2 http://marc.info/? •
CVE-2004-0082
https://notcve.org/view.php?id=CVE-2004-0082
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. mksmbpasswd en Samba 3.0.0 y 3.0.1, cuando se crea una cuenta pero se marca como desactivada, puede sobreescribir la contraseña de usaurio con un búfer sin inicializar, lo que podría activar la cuenta con una contraseña más facil de adivinar. • http://us1.samba.org/samba/ftp/WHATSNEW-3.0.2a.txt http://www.ciac.org/ciac/bulletins/o-078.shtml http://www.osvdb.org/3919 http://www.redhat.com/support/errata/RHSA-2004-064.html http://www.securityfocus.com/bid/9637 http://www.vuxml.org/freebsd/3388eff9-5d6e-11d8-80e3-0020ed76ef5a.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A827 https://access.redhat.com/security/cve •