CVSS: 5.0EPSS: 79%CPEs: 5EXPL: 0CVE-2004-0686
https://notcve.org/view.php?id=CVE-2004-0686
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Desbordamiento de búfer en Samba 2.2.x a 2.2.9 y 3.0.0 a 3.0.4, cuando la opción "mangling method = hash" está establecida en smb.conf, con impacto y vectores de ataque desconocidos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854 http://marc.info/?l=bugtraq&m=109051340810458&w=2 http://marc.info/?l=bugtraq&m=109051533021376&w=2 http://marc.info/? •
CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 2CVE-2004-0186 – Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0186
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. smbmnt en Samba 2.0 y 3.0 para Linux 2.6, cuando se instala con setuid, permite a usuarios locales ganar privilegios de root montando un recurso compartido de Samba que contiene un programa con setuid de root, cuyos atributos no se limpian cuando el recurso compartido es eliminado. • https://www.exploit-db.com/exploits/23674 http://marc.info/?l=bugtraq&m=107636290906296&w=2 http://marc.info/?l=bugtraq&m=107657505718743&w=2 http://www.debian.org/security/2004/dsa-463 http://www.osvdb.org/3916 http://www.securityfocus.com/bid/9619 https://exchange.xforce.ibmcloud.com/vulnerabilities/15131 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0082
https://notcve.org/view.php?id=CVE-2004-0082
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. mksmbpasswd en Samba 3.0.0 y 3.0.1, cuando se crea una cuenta pero se marca como desactivada, puede sobreescribir la contraseña de usaurio con un búfer sin inicializar, lo que podría activar la cuenta con una contraseña más facil de adivinar. • http://us1.samba.org/samba/ftp/WHATSNEW-3.0.2a.txt http://www.ciac.org/ciac/bulletins/o-078.shtml http://www.osvdb.org/3919 http://www.redhat.com/support/errata/RHSA-2004-064.html http://www.securityfocus.com/bid/9637 http://www.vuxml.org/freebsd/3388eff9-5d6e-11d8-80e3-0020ed76ef5a.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A827 https://access.redhat.com/security/cve&#x •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2003-1332 – samba: stack-based buffer overflow in the reply_nttrans()
https://notcve.org/view.php?id=CVE-2003-1332
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. • http://www.redhat.com/support/errata/RHSA-2003-096.html http://www.securiteam.com/exploits/5TP0M2AAKS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/12749 https://access.redhat.com/security/cve/CVE-2003-1332 https://bugzilla.redhat.com/show_bug.cgi?id=1933060 •
CVSS: 10.0EPSS: 4%CPEs: 77EXPL: 0CVE-2003-0196
https://notcve.org/view.php?id=CVE-2003-0196
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. Múltiples desbordamientos de búfer en Samba anteriores a 2.2.8a puede permitir a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio, descubierto por el equipo de Samba y una vulnerabilidad distinta de CAN-2003-0201. • http://marc.info/?l=bugtraq&m=104973186901597&w=2 http://marc.info/?l=bugtraq&m=104974612519064&w=2 http://www.debian.org/security/2003/dsa-280 http://www.mandriva.com/security/advisories?name=MDKSA-2003:044 http://www.redhat.com/support/errata/RHSA-2003-137.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A564 https://access.redhat.com/security/cve/CVE-2003-0196 https://bugzilla.redhat.com/show_bug.cgi?id=1617001 •