NotCVE - vendor:"Samba" product:"Samba" version:" >= 3.4.3

Page 8 of 73 results (0.005 seconds)

CVSS: 8.5EPSS: 2%CPEs: 3EXPL: 0

CVE-2010-0728

https://notcve.org/view.php?id=CVE-2010-0728

09 Mar 2010 — smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client. smbd en Samba v3.3.11, v3.4.6, y v3.5.0, cuando el soporte libcap está activado, se ejecuta con la capacidad CAP_DAC_OVERRIDE, lo que permite a usuarios autenticados remotamente superar los permisos establecidos de archivos establecidos a través de operaciones filesyst... • http://lists.samba.org/archive/samba-announce/2010/000211.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2010-0787 – samba: Race condition by mount (mount.cifs) operations

https://notcve.org/view.php?id=CVE-2010-0787

02 Mar 2010 — client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. client/mount.cifs.c en mount.cifs en smbfs en Samba v3.0.22, v3.0.28a, v3.2.3, v3.3.2, v3.4.0, and v3.4.5 permite a usuarios locales montar un CIFS compartido en un punto de montaje arbitrario y ganar privilegios, a través de un ataque de enlace simbólico en un fiche... • http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=3ae5dac462c4ed0fb2cd94553583c56fce2f9d80 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 1%CPEs: 123EXPL: 0

CVE-2010-0547 – samba: mount.cifs improper device name and mountpoint strings sanitization

https://notcve.org/view.php?id=CVE-2010-0547

04 Feb 2010 — client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c en mount.cifs en smbfs en Samba v3.4.5 y anteriores no verifica (1) el nombre de dispositivo (2) cadenas de puntos de montaje compuestas por varios caracteres lo que permite a usuarios locales causar una denegación de servicio... • http://git.samba.org/?p=samba.git%3Ba=commit%3Bh=a065c177dfc8f968775593ba00dffafeebb2e054 • CWE-20: Improper Input Validation •

1...6 7 8