CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 2CVE-2012-6150 – samba: pam_winbind fails open when non-existent group specified to require_membership_of
https://notcve.org/view.php?id=CVE-2012-6150
03 Dec 2013 — The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake. La función winbind_name_list_to_sid_string_list en nsswitch/pam_winbind.c en Samba hasta v4.1.2 maneja nombres de grupo require_membership_... • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 7%CPEs: 10EXPL: 0CVE-2013-4475 – samba: no access check verification on stream files
https://notcve.org/view.php?id=CVE-2013-4475
13 Nov 2013 — Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS). Samba 3.x anteriores a 3.6.20, 4.0.x anteriores a 4.0.11, y 4.1.x anteriores a 4.1.1, cuando vfs_streams_depot o vfs_streams_xattr está activo, permite a atacantes remotos sortear restricciones de fichero aprovechando... • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 86%CPEs: 177EXPL: 4CVE-2013-4124 – Samba 3.5.22/3.6.17/4.0.8 - nttrans Reply Integer Overflow
https://notcve.org/view.php?id=CVE-2013-4124
05 Aug 2013 — Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. Desbordamiento de entero en la función read_nttrans_ea_list en nttrans.c en smbd en Samba v3.x anterior a v3.5.22, v3.6.x anterior a v3.6.17, y v4.x anterior a v4.0.8 permite a atacantes remotos causar una denegación de servicio (por excesivo consumo de memoria) a trav... • https://packetstorm.news/files/id/180540 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 0CVE-2013-0454
https://notcve.org/view.php?id=CVE-2013-0454
26 Mar 2013 — The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter. Samba... • http://www.ibm.com/support/docview.wss?uid=ssg1S1004289 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 4%CPEs: 163EXPL: 0CVE-2013-0213 – samba: clickjacking vulnerability in SWAT
https://notcve.org/view.php?id=CVE-2013-0213
02 Feb 2013 — The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. Samba Web Administration Tool (SWAT) en Samba v3.x anterior a v3.5.21, v3.6.x anterior a v3.6.12, y v4.x anterior a v4.0.2 permite a atacantes remotos llevar a cabo attaques de clickjacking mediante un (1) FRAME o un (2) elemento IFRAME Samba is an open-source implementation of the Server Message Block or... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 163EXPL: 0CVE-2013-0214 – samba: cross-site request forgery vulnerability in SWAT
https://notcve.org/view.php?id=CVE-2013-0214
02 Feb 2013 — Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en el Samba Web Administration Tool (SWAT)en Samba v3.x anterior a v3.5.21, v3.6.x anterior a v3.6.12, y v4.... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00019.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 1%CPEs: 37EXPL: 0CVE-2012-2111 – samba: Incorrect permission checks when granting/removing privileges
https://notcve.org/view.php?id=CVE-2012-2111
30 Apr 2012 — The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection. El (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, y (4) RemoveAccountRights LSA RPC procedimientos en smbd de Samba v3.4.x anterior a v3.4.... • http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html • CWE-264: Permissions, Privileges, and Access Controls •