CVE-2004-0808
https://notcve.org/view.php?id=CVE-2004-0808
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109509335230495&w=2 http://marc.info/?l=bugtraq&m=109526231623307&w=2 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=138&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php? •
CVE-2004-0807
https://notcve.org/view.php?id=CVE-2004-0807
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. • ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873 http://marc.info/?l=bugtraq&m=109509335230495&w=2 http://marc.info/?l=bugtraq&m=109526231623307&w=2 http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php? •
CVE-2004-0829
https://notcve.org/view.php?id=CVE-2004-0829
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. • http://samba.org/samba/history/samba-2.2.11.html http://seclists.org/lists/bugtraq/2004/Sep/0003.html http://www.gentoo.org/security/en/glsa/glsa-200409-14.xml http://www.trustix.org/errata/2004/0043 https://exchange.xforce.ibmcloud.com/vulnerabilities/17138 •
CVE-2004-0600 – Samba 3.0.4 - SWAT Authorisation Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0600
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. Desbordamiento de búfer en la Herramienta de Adminstración Web de Samba (SWAT) en Samba 3.0.2 a 3.0.4 permite a atacantes remotos ejecutar código de su elección mediante un carácter en base-64 inválido durante autenticación básica HTTP. • https://www.exploit-db.com/exploits/364 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854 http://marc.info/?l=bugtraq&m=109051340810458&w=2 http://marc.info/?l=bugtraq&m=109051533021376&w=2 http://marc.info/? •
CVE-2004-0686
https://notcve.org/view.php?id=CVE-2004-0686
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Desbordamiento de búfer en Samba 2.2.x a 2.2.9 y 3.0.0 a 3.0.4, cuando la opción "mangling method = hash" está establecida en smb.conf, con impacto y vectores de ataque desconocidos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000854 http://marc.info/?l=bugtraq&m=109051340810458&w=2 http://marc.info/?l=bugtraq&m=109051533021376&w=2 http://marc.info/? •