CVSS: 1.2EPSS: 0%CPEs: 4EXPL: 0CVE-2006-1059
https://notcve.org/view.php?id=CVE-2006-1059
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. • http://secunia.com/advisories/19455 http://secunia.com/advisories/19468 http://secunia.com/advisories/19539 http://securitytracker.com/id?1015850 http://us1.samba.org/samba/security/CAN-2006-1059.html http://www.osvdb.org/24263 http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00114.html http://www.securityfocus.com/archive/1/429370/100/0/threaded http://www.securityfocus.com/bid/17314 http://www.trustix.org/errata/2006/0018 http://www.vupen.com/e •
CVSS: 6.4EPSS: 0%CPEs: 37EXPL: 0CVE-2004-2546
https://notcve.org/view.php?id=CVE-2004-2546
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). • http://www.samba.org/samba/history/samba-3.0.6.html http://www.trustix.org/errata/2004/0043 https://exchange.xforce.ibmcloud.com/vulnerabilities/17139 •
CVSS: 9.3EPSS: 96%CPEs: 2EXPL: 3CVE-2004-2687 – DistCC Daemon - Command Execution
https://notcve.org/view.php?id=CVE-2004-2687
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. • https://www.exploit-db.com/exploits/9915 https://github.com/k4miyo/CVE-2004-2687 http://archives.neohapsis.com/archives/bugtraq/2005-03/0183.html http://distcc.samba.org/security.html http://lists.samba.org/archive/distcc/2004q3/002550.html http://lists.samba.org/archive/distcc/2004q3/002562.html http://www.metasploit.org/projects/Framework/exploits.html#distcc_exec http://www.osvdb.org/13378 • CWE-16: Configuration •
CVSS: 10.0EPSS: 11%CPEs: 53EXPL: 0CVE-2004-1154
https://notcve.org/view.php?id=CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://secunia.com/advisories/13453 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1 http://www.debian.org/security/2005/dsa-701 http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities http://www.kb.cert.org/vuls/id/226184 ht •
CVSS: 10.0EPSS: 95%CPEs: 27EXPL: 0CVE-2004-0882
https://notcve.org/view.php?id=CVE-2004-0882
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000899 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=110054671403755&w=2 http://marc.info/?l=bugtraq&m=110055646329581&w=2 http://marc.info/?l=bugtraq&m=110330519803655&w=2 http://secunia.com/advisories/13189 http&# •