CVSS: 5.5EPSS: 1%CPEs: 123EXPL: 0CVE-2010-0547 – samba: mount.cifs improper device name and mountpoint strings sanitization
https://notcve.org/view.php?id=CVE-2010-0547
04 Feb 2010 — client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c en mount.cifs en smbfs en Samba v3.4.5 y anteriores no verifica (1) el nombre de dispositivo (2) cadenas de puntos de montaje compuestas por varios caracteres lo que permite a usuarios locales causar una denegación de servicio... • http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2009-2906 – samba: infinite loop flaw in smbd on unexpected oplock break notification reply
https://notcve.org/view.php?id=CVE-2009-2906
07 Oct 2009 — smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. smbd en Samba v3.0 anterior a v3.0.37, v3.2 anterior a v3.2.15, v3.3 anterior a v3.3.8 y v3.4 anterior a v3.4.2, permite a usuarios autenticados remotamente provocar una denegación de servicio (bucle infinito) a través de un paquete de notificación de respuesta "oplock break" impr... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2004-2546
https://notcve.org/view.php?id=CVE-2004-2546
31 Dec 2004 — Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). • http://www.samba.org/samba/history/samba-3.0.6.html •
CVSS: 9.8EPSS: 91%CPEs: 2EXPL: 5CVE-2004-2687 – DistCC Daemon - Command Execution
https://notcve.org/view.php?id=CVE-2004-2687
31 Dec 2004 — distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. • https://www.exploit-db.com/exploits/9915 • CWE-16: Configuration •
CVSS: 10.0EPSS: 27%CPEs: 53EXPL: 0CVE-2004-1154
https://notcve.org/view.php?id=CVE-2004-1154
22 Dec 2004 — Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 10.0EPSS: 33%CPEs: 27EXPL: 0CVE-2004-0882
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 6.5EPSS: 6%CPEs: 30EXPL: 1CVE-2004-0930
https://notcve.org/view.php?id=CVE-2004-0930
19 Nov 2004 — The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 7.5EPSS: 4%CPEs: 39EXPL: 0CVE-2004-0829
https://notcve.org/view.php?id=CVE-2004-0829
10 Sep 2004 — smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. • http://samba.org/samba/history/samba-2.2.11.html •
CVSS: 10.0EPSS: 59%CPEs: 7EXPL: 1CVE-2004-0600 – Samba 3.0.4 - SWAT Authorisation Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0600
23 Jul 2004 — Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. Desbordamiento de búfer en la Herramienta de Adminstración Web de Samba (SWAT) en Samba 3.0.2 a 3.0.4 permite a atacantes remotos ejecutar código de su elección mediante un carácter en base-64 inválido durante autenticación básica HTTP. • https://www.exploit-db.com/exploits/364 •
CVSS: 9.8EPSS: 12%CPEs: 5EXPL: 0CVE-2004-0686
https://notcve.org/view.php?id=CVE-2004-0686
23 Jul 2004 — Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Desbordamiento de búfer en Samba 2.2.x a 2.2.9 y 3.0.0 a 3.0.4, cuando la opción "mangling method = hash" está establecida en smb.conf, con impacto y vectores de ataque desconocidos. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000851 •