CVSS: 8.8EPSS: 5%CPEs: 7EXPL: 0CVE-2018-1057 – Samba 4.x Password Change
https://notcve.org/view.php?id=CVE-2018-1057
13 Mar 2018 — On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers). En Samba 4 AD DC, el servidor LDAP en todas las versiones de Samba, desde la 4.0.0 en adelante, valida incorrectamente los permisos para modificar contraseñas por LDAP. Esto permite que usuarios autenticados cambie... • http://www.securityfocus.com/bid/103382 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 44%CPEs: 15EXPL: 0CVE-2017-15275 – samba: Server heap-memory disclosure
https://notcve.org/view.php?id=CVE-2017-15275
21 Nov 2017 — Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. Las versiones anteriores a la 4.7.3 de Samba podrían permitir que atacantes remotos obtengan información sensible aprovechando el error del servidor para borrar la memoria dinámica (heap) asignada. A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-c... • http://www.securityfocus.com/bid/101908 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 37%CPEs: 16EXPL: 0CVE-2017-14746 – samba: Use-after-free in processing SMB1 requests
https://notcve.org/view.php?id=CVE-2017-14746
21 Nov 2017 — Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. Vulnerabilidad de uso de memoria previamente liberada en las versiones 4.x de Samba anteriores a la 4.7.3 permiten que atacantes remotos ejecuten código arbitrario mediante una petición SMB1. A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash... • http://www.securityfocus.com/bid/101907 • CWE-416: Use After Free •