CVE-2003-1332 – samba: stack-based buffer overflow in the reply_nttrans()
https://notcve.org/view.php?id=CVE-2003-1332
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. • http://www.redhat.com/support/errata/RHSA-2003-096.html http://www.securiteam.com/exploits/5TP0M2AAKS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/12749 https://access.redhat.com/security/cve/CVE-2003-1332 https://bugzilla.redhat.com/show_bug.cgi?id=1933060 •
CVE-2002-2196
https://notcve.org/view.php?id=CVE-2002-2196
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc http://lists.samba.org/archive/samba-technical/2002-June/022075.html http://rhn.redhat.com/errata/RHBA-2002-209.html http://www.iss.net/security_center/static/10010.php http://www.securityfocus.com/bid/5587 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2001-0406 – Samba 2.0.x - Insecure TMP File Symbolic Link
https://notcve.org/view.php?id=CVE-2001-0406
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. • https://www.exploit-db.com/exploits/20776 http://archives.neohapsis.com/archives/bugtraq/2001-04/0305.html http://archives.neohapsis.com/archives/bugtraq/2001-04/0319.html http://archives.neohapsis.com/archives/bugtraq/2001-04/0326.html http://archives.neohapsis.com/archives/freebsd/2001-04/0608.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000395 http://www.caldera.com/support/security/advisories/CSSA-2001-015.0.txt http://www.debian.org/security/2001/dsa-048 •
CVE-1999-1288
https://notcve.org/view.php?id=CVE-1999-1288
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. • http://www.caldera.com/support/security/advisories/SA-1998.35.txt http://www.securityfocus.com/archive/1/11397 https://exchange.xforce.ibmcloud.com/vulnerabilities/1406 •