CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2004-2546
https://notcve.org/view.php?id=CVE-2004-2546
31 Dec 2004 — Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). • http://www.samba.org/samba/history/samba-3.0.6.html •
CVSS: 10.0EPSS: 11%CPEs: 53EXPL: 0CVE-2004-1154
https://notcve.org/view.php?id=CVE-2004-1154
22 Dec 2004 — Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 6.5EPSS: 3%CPEs: 30EXPL: 1CVE-2004-0930
https://notcve.org/view.php?id=CVE-2004-0930
19 Nov 2004 — The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 10.0EPSS: 95%CPEs: 27EXPL: 0CVE-2004-0882
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 9.1EPSS: 64%CPEs: 20EXPL: 1CVE-2004-0815
https://notcve.org/view.php?id=CVE-2004-0815
16 Oct 2004 — The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. La función unix_clena_name en Samba 2.2.x a 2.2.11, y 3.0.x anterirores a 3.0.2a, recorta ciertos nombres de directorio a sus rutas absolutas, lo que podría permitir a atacantes evitar la restricticiones de espe... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 •
CVSS: 7.5EPSS: 5%CPEs: 9EXPL: 0CVE-2004-0808
https://notcve.org/view.php?id=CVE-2004-0808
14 Sep 2004 — The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 •
CVSS: 7.5EPSS: 3%CPEs: 27EXPL: 0CVE-2004-0807
https://notcve.org/view.php?id=CVE-2004-0807
13 Sep 2004 — Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. • ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P •
CVSS: 7.5EPSS: 14%CPEs: 39EXPL: 0CVE-2004-0829
https://notcve.org/view.php?id=CVE-2004-0829
10 Sep 2004 — smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. • http://samba.org/samba/history/samba-2.2.11.html •
CVSS: 9.8EPSS: 69%CPEs: 5EXPL: 0CVE-2004-0686
https://notcve.org/view.php?id=CVE-2004-0686
23 Jul 2004 — Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Desbordamiento de búfer en Samba 2.2.x a 2.2.9 y 3.0.0 a 3.0.4, cuando la opción "mangling method = hash" está establecida en smb.conf, con impacto y vectores de ataque desconocidos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 •
CVSS: 10.0EPSS: 95%CPEs: 7EXPL: 1CVE-2004-0600 – Samba 3.0.4 - SWAT Authorisation Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0600
23 Jul 2004 — Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. Desbordamiento de búfer en la Herramienta de Adminstración Web de Samba (SWAT) en Samba 3.0.2 a 3.0.4 permite a atacantes remotos ejecutar código de su elección mediante un carácter en base-64 inválido durante autenticación básica HTTP. • https://www.exploit-db.com/exploits/364 •