| 0 |
| url |
VCID-15n7-fxw3-pbdy |
| vulnerability_id |
VCID-15n7-fxw3-pbdy |
| summary |
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2003-0201
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-15n7-fxw3-pbdy |
|
| 1 |
| url |
VCID-1bsd-u791-43dm |
| vulnerability_id |
VCID-1bsd-u791-43dm |
| summary |
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-15085
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1bsd-u791-43dm |
|
| 2 |
| url |
VCID-1drk-e3vx-wbe8 |
| vulnerability_id |
VCID-1drk-e3vx-wbe8 |
| summary |
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-1139
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-e3vx-wbe8 |
|
| 3 |
| url |
VCID-1k7z-b2yr-xug1 |
| vulnerability_id |
VCID-1k7z-b2yr-xug1 |
| summary |
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names). |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-2446
|
| risk_score |
1.6 |
| exploitability |
2.0 |
| weighted_severity |
0.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1k7z-b2yr-xug1 |
|
| 4 |
| url |
VCID-1yxs-gcxx-yqc3 |
| vulnerability_id |
VCID-1yxs-gcxx-yqc3 |
| summary |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2003-0085
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1yxs-gcxx-yqc3 |
|
| 5 |
| url |
VCID-1yzz-fu2r-rqgy |
| vulnerability_id |
VCID-1yzz-fu2r-rqgy |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2021-44142
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy |
|
| 6 |
|
| 7 |
| url |
VCID-2f2r-y1tw-pyeq |
| vulnerability_id |
VCID-2f2r-y1tw-pyeq |
| summary |
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless). |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14907
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2r-y1tw-pyeq |
|
| 8 |
| url |
VCID-2sjk-5zvq-kbap |
| vulnerability_id |
VCID-2sjk-5zvq-kbap |
| summary |
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2012-1182
|
| risk_score |
0.3 |
| exploitability |
0.5 |
| weighted_severity |
0.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2sjk-5zvq-kbap |
|
| 9 |
|
| 10 |
| url |
VCID-3ddh-cm8f-nuf2 |
| vulnerability_id |
VCID-3ddh-cm8f-nuf2 |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-1050
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2 |
|
| 11 |
| url |
VCID-3dxq-ge62-hfdm |
| vulnerability_id |
VCID-3dxq-ge62-hfdm |
| summary |
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-2546
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3dxq-ge62-hfdm |
|
| 12 |
| url |
VCID-3vh9-a365-pqhy |
| vulnerability_id |
VCID-3vh9-a365-pqhy |
| summary |
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-6015
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3vh9-a365-pqhy |
|
| 13 |
| url |
VCID-44hn-cr8c-akft |
| vulnerability_id |
VCID-44hn-cr8c-akft |
| summary |
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-12150
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-44hn-cr8c-akft |
|
| 14 |
| url |
VCID-48wp-kk4y-ekfc |
| vulnerability_id |
VCID-48wp-kk4y-ekfc |
| summary |
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-0787
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-48wp-kk4y-ekfc |
|
| 15 |
| url |
VCID-4by1-xwe3-cubx |
| vulnerability_id |
VCID-4by1-xwe3-cubx |
| summary |
samba: AD DC Busy RPC multiple listener DoS |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| aliases |
CVE-2023-42670
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4by1-xwe3-cubx |
|
| 16 |
| url |
VCID-4h99-zsd9-5ke4 |
| vulnerability_id |
VCID-4h99-zsd9-5ke4 |
| summary |
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-2724
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4h99-zsd9-5ke4 |
|
| 17 |
| url |
VCID-4pjr-6tfv-hqgu |
| vulnerability_id |
VCID-4pjr-6tfv-hqgu |
| summary |
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-7540
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjr-6tfv-hqgu |
|
| 18 |
| url |
VCID-4t9d-yycr-fqhy |
| vulnerability_id |
VCID-4t9d-yycr-fqhy |
| summary |
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-1154
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4t9d-yycr-fqhy |
|
| 19 |
| url |
VCID-53zv-2nms-e3da |
| vulnerability_id |
VCID-53zv-2nms-e3da |
| summary |
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-11103
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-53zv-2nms-e3da |
|
| 20 |
| url |
VCID-548z-f1hq-4ffh |
| vulnerability_id |
VCID-548z-f1hq-4ffh |
| summary |
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-3560
|
| risk_score |
0.3 |
| exploitability |
0.5 |
| weighted_severity |
0.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-548z-f1hq-4ffh |
|
| 21 |
| url |
VCID-5e5h-6dg4-ryd4 |
| vulnerability_id |
VCID-5e5h-6dg4-ryd4 |
| summary |
samba: infinite loop in mdssvc RPC service for spotlight |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2023-34966
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5e5h-6dg4-ryd4 |
|
| 22 |
| url |
VCID-5tc4-e6tj-3qfa |
| vulnerability_id |
VCID-5tc4-e6tj-3qfa |
| summary |
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-20277
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5tc4-e6tj-3qfa |
|
| 23 |
|
| 24 |
| url |
VCID-5uh7-w6s9-47gr |
| vulnerability_id |
VCID-5uh7-w6s9-47gr |
| summary |
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-10919
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5uh7-w6s9-47gr |
|
| 25 |
| url |
VCID-5xej-61wz-mbc6 |
| vulnerability_id |
VCID-5xej-61wz-mbc6 |
| summary |
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-2813
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5xej-61wz-mbc6 |
|
| 26 |
|
| 27 |
| url |
VCID-68mw-cr8k-qfgs |
| vulnerability_id |
VCID-68mw-cr8k-qfgs |
| summary |
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-5330
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs |
|
| 28 |
| url |
VCID-6pd7-pxth-3faj |
| vulnerability_id |
VCID-6pd7-pxth-3faj |
| summary |
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-0771
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd7-pxth-3faj |
|
| 29 |
| url |
VCID-6y1r-n3tf-qbfy |
| vulnerability_id |
VCID-6y1r-n3tf-qbfy |
| summary |
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS). |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-4475
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6y1r-n3tf-qbfy |
|
| 30 |
| url |
VCID-73fb-wuxr-2fa7 |
| vulnerability_id |
VCID-73fb-wuxr-2fa7 |
| summary |
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-0239
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-73fb-wuxr-2fa7 |
|
| 31 |
| url |
VCID-76dk-atu1-ebbm |
| vulnerability_id |
VCID-76dk-atu1-ebbm |
| summary |
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2021-43566
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-76dk-atu1-ebbm |
|
| 32 |
| url |
VCID-7dmk-ay48-pkct |
| vulnerability_id |
VCID-7dmk-ay48-pkct |
| summary |
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0930
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7dmk-ay48-pkct |
|
| 33 |
| url |
VCID-7fwh-y82u-ybdd |
| vulnerability_id |
VCID-7fwh-y82u-ybdd |
| summary |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0807
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7fwh-y82u-ybdd |
|
| 34 |
| url |
VCID-7n9k-74nf-ayah |
| vulnerability_id |
VCID-7n9k-74nf-ayah |
| summary |
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2020-25720
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7n9k-74nf-ayah |
|
| 35 |
| url |
VCID-7q6r-9cgn-5kfp |
| vulnerability_id |
VCID-7q6r-9cgn-5kfp |
| summary |
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-14318
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6r-9cgn-5kfp |
|
| 36 |
|
| 37 |
| url |
VCID-82sk-6wse-qkbh |
| vulnerability_id |
VCID-82sk-6wse-qkbh |
| summary |
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-3493
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-82sk-6wse-qkbh |
|
| 38 |
| url |
VCID-84jf-xy5a-yqfw |
| vulnerability_id |
VCID-84jf-xy5a-yqfw |
| summary |
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-0547
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-84jf-xy5a-yqfw |
|
| 39 |
| url |
VCID-85f1-s2xy-vkbe |
| vulnerability_id |
VCID-85f1-s2xy-vkbe |
| summary |
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-0172
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-85f1-s2xy-vkbe |
|
| 40 |
| url |
VCID-8hfr-fp5z-s3c1 |
| vulnerability_id |
VCID-8hfr-fp5z-s3c1 |
| summary |
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-0240
|
| risk_score |
1.6 |
| exploitability |
2.0 |
| weighted_severity |
0.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfr-fp5z-s3c1 |
|
| 41 |
|
| 42 |
| url |
VCID-8m9d-vzmn-cqcr |
| vulnerability_id |
VCID-8m9d-vzmn-cqcr |
| summary |
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-0719
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8m9d-vzmn-cqcr |
|
| 43 |
| url |
VCID-8n5r-u3uc-dkaz |
| vulnerability_id |
VCID-8n5r-u3uc-dkaz |
| summary |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2003-0196
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8n5r-u3uc-dkaz |
|
| 44 |
| url |
VCID-8q5z-24mn-1uds |
| vulnerability_id |
VCID-8q5z-24mn-1uds |
| summary |
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-3069
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8q5z-24mn-1uds |
|
| 45 |
| url |
VCID-8tyg-f73c-zuh3 |
| vulnerability_id |
VCID-8tyg-f73c-zuh3 |
| summary |
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2115
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3 |
|
| 46 |
| url |
VCID-8yhb-ghew-b3bw |
| vulnerability_id |
VCID-8yhb-ghew-b3bw |
| summary |
samba: spotlight server-side share path disclosure |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2023-34968
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8yhb-ghew-b3bw |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
| url |
VCID-94d3-5rgf-x3dh |
| vulnerability_id |
VCID-94d3-5rgf-x3dh |
| summary |
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-7560
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh |
|
| 51 |
| url |
VCID-95dq-xd5m-judz |
| vulnerability_id |
VCID-95dq-xd5m-judz |
| summary |
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2021-20254
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-95dq-xd5m-judz |
|
| 52 |
|
| 53 |
| url |
VCID-9ch7-2sqv-m7b9 |
| vulnerability_id |
VCID-9ch7-2sqv-m7b9 |
| summary |
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-1642
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ch7-2sqv-m7b9 |
|
| 54 |
|
| 55 |
| url |
VCID-9frz-rgd4-ekdx |
| vulnerability_id |
VCID-9frz-rgd4-ekdx |
| summary |
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0082
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9frz-rgd4-ekdx |
|
| 56 |
| url |
VCID-9j2y-cra5-8bdc |
| vulnerability_id |
VCID-9j2y-cra5-8bdc |
| summary |
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2012-0817
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9j2y-cra5-8bdc |
|
| 57 |
|
| 58 |
| url |
VCID-a7b1-q34r-9qaj |
| vulnerability_id |
VCID-a7b1-q34r-9qaj |
| summary |
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-2694
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a7b1-q34r-9qaj |
|
| 59 |
| url |
VCID-abzu-mfgh-27ew |
| vulnerability_id |
VCID-abzu-mfgh-27ew |
| summary |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-2522
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-abzu-mfgh-27ew |
|
| 60 |
|
| 61 |
| url |
VCID-apjj-ezss-a3hj |
| vulnerability_id |
VCID-apjj-ezss-a3hj |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-7494
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-apjj-ezss-a3hj |
|
| 62 |
|
| 63 |
|
| 64 |
| url |
VCID-b1ja-e7jm-gbhc |
| vulnerability_id |
VCID-b1ja-e7jm-gbhc |
| summary |
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-0178
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b1ja-e7jm-gbhc |
|
| 65 |
| url |
VCID-b843-h976-aqhr |
| vulnerability_id |
VCID-b843-h976-aqhr |
| summary |
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2021-3671
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b843-h976-aqhr |
|
| 66 |
|
| 67 |
| url |
VCID-bbx4-2d6h-e3bb |
| vulnerability_id |
VCID-bbx4-2d6h-e3bb |
| summary |
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0600
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bbx4-2d6h-e3bb |
|
| 68 |
| url |
VCID-berd-61rd-vbeg |
| vulnerability_id |
VCID-berd-61rd-vbeg |
| summary |
Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-0022
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-berd-61rd-vbeg |
|
| 69 |
| url |
VCID-bk9c-f69a-akdc |
| vulnerability_id |
VCID-bk9c-f69a-akdc |
| summary |
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2012-2111
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bk9c-f69a-akdc |
|
| 70 |
|
| 71 |
| url |
VCID-bpe6-qsa1-tfc9 |
| vulnerability_id |
VCID-bpe6-qsa1-tfc9 |
| summary |
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-3585
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bpe6-qsa1-tfc9 |
|
| 72 |
| url |
VCID-bykg-wucu-duay |
| vulnerability_id |
VCID-bykg-wucu-duay |
| summary |
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14833
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bykg-wucu-duay |
|
| 73 |
| url |
VCID-c99r-m2v5-zqa3 |
| vulnerability_id |
VCID-c99r-m2v5-zqa3 |
| summary |
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-5299
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c99r-m2v5-zqa3 |
|
| 74 |
| url |
VCID-d4jx-h2cx-kbf3 |
| vulnerability_id |
VCID-d4jx-h2cx-kbf3 |
| summary |
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14847
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d4jx-h2cx-kbf3 |
|
| 75 |
| url |
VCID-ddag-h7en-efed |
| vulnerability_id |
VCID-ddag-h7en-efed |
| summary |
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-3880
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ddag-h7en-efed |
|
| 76 |
| url |
VCID-dm3k-e5p2-3kh1 |
| vulnerability_id |
VCID-dm3k-e5p2-3kh1 |
| summary |
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2006-3403
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dm3k-e5p2-3kh1 |
|
| 77 |
| url |
VCID-dnwj-ja5g-abbe |
| vulnerability_id |
VCID-dnwj-ja5g-abbe |
| summary |
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-1888
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dnwj-ja5g-abbe |
|
| 78 |
|
| 79 |
| url |
VCID-dzyk-akhc-t7d2 |
| vulnerability_id |
VCID-dzyk-akhc-t7d2 |
| summary |
silent downgrade |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2016-2124
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2 |
|
| 80 |
| url |
VCID-e2b4-vjgq-sbdq |
| vulnerability_id |
VCID-e2b4-vjgq-sbdq |
| summary |
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2020-27840
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e2b4-vjgq-sbdq |
|
| 81 |
| url |
VCID-e45f-ty2v-g7g8 |
| vulnerability_id |
VCID-e45f-ty2v-g7g8 |
| summary |
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-12151
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e45f-ty2v-g7g8 |
|
| 82 |
| url |
VCID-eaxm-5jgj-eqcg |
| vulnerability_id |
VCID-eaxm-5jgj-eqcg |
| summary |
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2111
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg |
|
| 83 |
| url |
VCID-ebus-zxf9-qfhe |
| vulnerability_id |
VCID-ebus-zxf9-qfhe |
| summary |
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-2948
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebus-zxf9-qfhe |
|
| 84 |
| url |
VCID-egeg-4ds7-d3d1 |
| vulnerability_id |
VCID-egeg-4ds7-d3d1 |
| summary |
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK." |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2118
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1 |
|
| 85 |
| url |
VCID-emy1-4uv9-4kfn |
| vulnerability_id |
VCID-emy1-4uv9-4kfn |
| summary |
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-12436
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-emy1-4uv9-4kfn |
|
| 86 |
| url |
VCID-enbr-g8ae-ubbc |
| vulnerability_id |
VCID-enbr-g8ae-ubbc |
| summary |
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2113
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-enbr-g8ae-ubbc |
|
| 87 |
| url |
VCID-et6f-6gtc-5ues |
| vulnerability_id |
VCID-et6f-6gtc-5ues |
| summary |
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-4408
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-et6f-6gtc-5ues |
|
| 88 |
| url |
VCID-f93g-v8t6-wyf3 |
| vulnerability_id |
VCID-f93g-v8t6-wyf3 |
| summary |
samba: type confusion in mdssvc RPC service for spotlight |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2023-34967
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f93g-v8t6-wyf3 |
|
| 89 |
|
| 90 |
| url |
VCID-fdpk-a129-duga |
| vulnerability_id |
VCID-fdpk-a129-duga |
| summary |
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0186
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fdpk-a129-duga |
|
| 91 |
| url |
VCID-fj5p-xkmp-vken |
| vulnerability_id |
VCID-fj5p-xkmp-vken |
| summary |
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20316
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fj5p-xkmp-vken |
|
| 92 |
| url |
VCID-fusx-6479-27h3 |
| vulnerability_id |
VCID-fusx-6479-27h3 |
| summary |
samba: smbd allows client access to unix domain sockets on the file system as root |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| aliases |
CVE-2023-3961
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fusx-6479-27h3 |
|
| 93 |
| url |
VCID-gann-1a73-1uf4 |
| vulnerability_id |
VCID-gann-1a73-1uf4 |
| summary |
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-0926
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gann-1a73-1uf4 |
|
| 94 |
|
| 95 |
| url |
VCID-gg9p-kzw8-23bq |
| vulnerability_id |
VCID-gg9p-kzw8-23bq |
| summary |
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-10218
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9p-kzw8-23bq |
|
| 96 |
|
| 97 |
| url |
VCID-h4dq-47fg-yqga |
| vulnerability_id |
VCID-h4dq-47fg-yqga |
| summary |
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2008-4314
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h4dq-47fg-yqga |
|
| 98 |
| url |
VCID-hbe8-zptv-f7dr |
| vulnerability_id |
VCID-hbe8-zptv-f7dr |
| summary |
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-9461
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hbe8-zptv-f7dr |
|
| 99 |
| url |
VCID-hhr3-tvv1-r7ex |
| vulnerability_id |
VCID-hhr3-tvv1-r7ex |
| summary |
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-2906
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hhr3-tvv1-r7ex |
|
| 100 |
| url |
VCID-hhyy-7a7s-3khn |
| vulnerability_id |
VCID-hhyy-7a7s-3khn |
| summary |
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-0454
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hhyy-7a7s-3khn |
|
| 101 |
|
| 102 |
|
| 103 |
| url |
VCID-j1a6-7vhx-sbh7 |
| vulnerability_id |
VCID-j1a6-7vhx-sbh7 |
| summary |
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2018-14628
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j1a6-7vhx-sbh7 |
|
| 104 |
| url |
VCID-j1m5-tteg-wqh1 |
| vulnerability_id |
VCID-j1m5-tteg-wqh1 |
| summary |
samba: Missing access check on reparse point operations |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2026-1933
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j1m5-tteg-wqh1 |
|
| 105 |
| url |
VCID-j317-uv8e-6fgn |
| vulnerability_id |
VCID-j317-uv8e-6fgn |
| summary |
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-0244
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j317-uv8e-6fgn |
|
| 106 |
|
| 107 |
| url |
VCID-j9gn-19jv-33c5 |
| vulnerability_id |
VCID-j9gn-19jv-33c5 |
| summary |
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0686
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j9gn-19jv-33c5 |
|
| 108 |
| url |
VCID-jeut-pn1j-gfg6 |
| vulnerability_id |
VCID-jeut-pn1j-gfg6 |
| summary |
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-10858
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jeut-pn1j-gfg6 |
|
| 109 |
|
| 110 |
|
| 111 |
| url |
VCID-jxyu-xxfk-x3gs |
| vulnerability_id |
VCID-jxyu-xxfk-x3gs |
| summary |
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2012-6150
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jxyu-xxfk-x3gs |
|
| 112 |
| url |
VCID-jyzv-5qe7-g7db |
| vulnerability_id |
VCID-jyzv-5qe7-g7db |
| summary |
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0815
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jyzv-5qe7-g7db |
|
| 113 |
| url |
VCID-kr3y-cghu-s7cs |
| vulnerability_id |
VCID-kr3y-cghu-s7cs |
| summary |
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-2447
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kr3y-cghu-s7cs |
|
| 114 |
| url |
VCID-ksss-h1p9-mbaz |
| vulnerability_id |
VCID-ksss-h1p9-mbaz |
| summary |
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-10700
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ksss-h1p9-mbaz |
|
| 115 |
|
| 116 |
| url |
VCID-kymx-bv3z-f7ea |
| vulnerability_id |
VCID-kymx-bv3z-f7ea |
| summary |
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-4138
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kymx-bv3z-f7ea |
|
| 117 |
| url |
VCID-m1qp-m1d3-nbgw |
| vulnerability_id |
VCID-m1qp-m1d3-nbgw |
| summary |
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-14323
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qp-m1d3-nbgw |
|
| 118 |
| url |
VCID-m28k-z95r-9yc7 |
| vulnerability_id |
VCID-m28k-z95r-9yc7 |
| summary |
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2003-1332
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m28k-z95r-9yc7 |
|
| 119 |
| url |
VCID-m364-w7f6-aug7 |
| vulnerability_id |
VCID-m364-w7f6-aug7 |
| summary |
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-5370
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7 |
|
| 120 |
|
| 121 |
| url |
VCID-mktu-yt4c-tkfq |
| vulnerability_id |
VCID-mktu-yt4c-tkfq |
| summary |
Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-12435
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mktu-yt4c-tkfq |
|
| 122 |
|
| 123 |
| url |
VCID-ms3e-8h1d-7yhh |
| vulnerability_id |
VCID-ms3e-8h1d-7yhh |
| summary |
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-4124
|
| risk_score |
1.6 |
| exploitability |
2.0 |
| weighted_severity |
0.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ms3e-8h1d-7yhh |
|
| 124 |
|
| 125 |
| url |
VCID-mxew-ey1n-zuet |
| vulnerability_id |
VCID-mxew-ey1n-zuet |
| summary |
samba: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2025-0620
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mxew-ey1n-zuet |
|
| 126 |
|
| 127 |
| url |
VCID-n1sz-dkw8-77dz |
| vulnerability_id |
VCID-n1sz-dkw8-77dz |
| summary |
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-0214
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sz-dkw8-77dz |
|
| 128 |
| url |
VCID-n6xc-pvqq-9bgs |
| vulnerability_id |
VCID-n6xc-pvqq-9bgs |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2126
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xc-pvqq-9bgs |
|
| 129 |
| url |
VCID-n9bw-bctz-pqfx |
| vulnerability_id |
VCID-n9bw-bctz-pqfx |
| summary |
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2119
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n9bw-bctz-pqfx |
|
| 130 |
| url |
VCID-nazc-kauc-rqb6 |
| vulnerability_id |
VCID-nazc-kauc-rqb6 |
| summary |
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-12163
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nazc-kauc-rqb6 |
|
| 131 |
| url |
VCID-nhvj-h5wu-xfgy |
| vulnerability_id |
VCID-nhvj-h5wu-xfgy |
| summary |
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-3870
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nhvj-h5wu-xfgy |
|
| 132 |
|
| 133 |
|
| 134 |
| url |
VCID-nzms-3u9x-wuat |
| vulnerability_id |
VCID-nzms-3u9x-wuat |
| summary |
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-4496
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nzms-3u9x-wuat |
|
| 135 |
| url |
VCID-p4mk-1t9q-sbb3 |
| vulnerability_id |
VCID-p4mk-1t9q-sbb3 |
| summary |
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2114
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3 |
|
| 136 |
| url |
VCID-pd84-1cmy-mqf6 |
| vulnerability_id |
VCID-pd84-1cmy-mqf6 |
| summary |
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-15086
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pd84-1cmy-mqf6 |
|
| 137 |
| url |
VCID-pjsp-z7d9-6fh2 |
| vulnerability_id |
VCID-pjsp-z7d9-6fh2 |
| summary |
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2012-0870
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pjsp-z7d9-6fh2 |
|
| 138 |
| url |
VCID-prhs-c1gk-97hj |
| vulnerability_id |
VCID-prhs-c1gk-97hj |
| summary |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-1472
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-prhs-c1gk-97hj |
|
| 139 |
| url |
VCID-pzrp-6xtn-37db |
| vulnerability_id |
VCID-pzrp-6xtn-37db |
| summary |
samba: vfs_streams_xattr uninitialized memory write possible |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| aliases |
CVE-2025-9640
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pzrp-6xtn-37db |
|
| 140 |
|
| 141 |
|
| 142 |
| url |
VCID-qqbv-h38g-zuf9 |
| vulnerability_id |
VCID-qqbv-h38g-zuf9 |
| summary |
samba: SMB2 packet signing is not enforced when "server signing = required" is set |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| aliases |
CVE-2023-3347
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qqbv-h38g-zuf9 |
|
| 143 |
| url |
VCID-qqme-47b7-2kfe |
| vulnerability_id |
VCID-qqme-47b7-2kfe |
| summary |
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2014-8143
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qqme-47b7-2kfe |
|
| 144 |
|
| 145 |
| url |
VCID-qtcs-hz4a-97fy |
| vulnerability_id |
VCID-qtcs-hz4a-97fy |
| summary |
samba: SMB clients can truncate files with read-only permissions |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2023-4091
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcs-hz4a-97fy |
|
| 146 |
| url |
VCID-r3n1-q8uv-cfbb |
| vulnerability_id |
VCID-r3n1-q8uv-cfbb |
| summary |
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14870
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r3n1-q8uv-cfbb |
|
| 147 |
| url |
VCID-r7zv-4yyc-mqeu |
| vulnerability_id |
VCID-r7zv-4yyc-mqeu |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2020-25717
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu |
|
| 148 |
| url |
VCID-rf9h-4yqd-z3gg |
| vulnerability_id |
VCID-rf9h-4yqd-z3gg |
| summary |
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2006-1059
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rf9h-4yqd-z3gg |
|
| 149 |
|
| 150 |
| url |
VCID-rp3r-6r3h-s3gb |
| vulnerability_id |
VCID-rp3r-6r3h-s3gb |
| summary |
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2008-1105
|
| risk_score |
1.6 |
| exploitability |
2.0 |
| weighted_severity |
0.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rp3r-6r3h-s3gb |
|
| 151 |
| url |
VCID-rp73-9v8y-abam |
| vulnerability_id |
VCID-rp73-9v8y-abam |
| summary |
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2002-2196
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rp73-9v8y-abam |
|
| 152 |
| url |
VCID-rsqy-3xke-dqer |
| vulnerability_id |
VCID-rsqy-3xke-dqer |
| summary |
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-4476
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqy-3xke-dqer |
|
| 153 |
| url |
VCID-rsz9-y661-qfce |
| vulnerability_id |
VCID-rsz9-y661-qfce |
| summary |
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-19344
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce |
|
| 154 |
| url |
VCID-rv44-kq9m-fkbp |
| vulnerability_id |
VCID-rv44-kq9m-fkbp |
| summary |
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2009-1886
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rv44-kq9m-fkbp |
|
| 155 |
| url |
VCID-rzyt-ttz5-aycb |
| vulnerability_id |
VCID-rzyt-ttz5-aycb |
| summary |
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-6442
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rzyt-ttz5-aycb |
|
| 156 |
| url |
VCID-s3ud-fks7-1kb2 |
| vulnerability_id |
VCID-s3ud-fks7-1kb2 |
| summary |
samba: wide links protection broken |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2022-3592
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s3ud-fks7-1kb2 |
|
| 157 |
| url |
VCID-sdjf-rkjd-sudg |
| vulnerability_id |
VCID-sdjf-rkjd-sudg |
| summary |
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-8467
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjf-rkjd-sudg |
|
| 158 |
|
| 159 |
| url |
VCID-ss54-ft8h-rufv |
| vulnerability_id |
VCID-ss54-ft8h-rufv |
| summary |
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-10197
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ss54-ft8h-rufv |
|
| 160 |
|
| 161 |
| url |
VCID-sx4y-dnaz-2ua3 |
| vulnerability_id |
VCID-sx4y-dnaz-2ua3 |
| summary |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0829
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sx4y-dnaz-2ua3 |
|
| 162 |
|
| 163 |
| url |
VCID-t35b-ur7m-vqeu |
| vulnerability_id |
VCID-t35b-ur7m-vqeu |
| summary |
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-14383
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t35b-ur7m-vqeu |
|
| 164 |
| url |
VCID-tbhp-xkw4-hucg |
| vulnerability_id |
VCID-tbhp-xkw4-hucg |
| summary |
A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-10918
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tbhp-xkw4-hucg |
|
| 165 |
| url |
VCID-tn47-ka5t-4bas |
| vulnerability_id |
VCID-tn47-ka5t-4bas |
| summary |
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2008-3789
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tn47-ka5t-4bas |
|
| 166 |
| url |
VCID-tu1y-tz4k-ayak |
| vulnerability_id |
VCID-tu1y-tz4k-ayak |
| summary |
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-2407
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tu1y-tz4k-ayak |
|
| 167 |
| url |
VCID-tyhs-5xjv-c7b5 |
| vulnerability_id |
VCID-tyhs-5xjv-c7b5 |
| summary |
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-3223
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5 |
|
| 168 |
| url |
VCID-u4fr-s35u-8khu |
| vulnerability_id |
VCID-u4fr-s35u-8khu |
| summary |
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14902
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu |
|
| 169 |
|
| 170 |
|
| 171 |
| url |
VCID-uyuw-v56z-93ez |
| vulnerability_id |
VCID-uyuw-v56z-93ez |
| summary |
samba: out-of-bounds read in winbind AUTH_CRAP |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-2127
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uyuw-v56z-93ez |
|
| 172 |
| url |
VCID-v1yr-nwrt-v3hx |
| vulnerability_id |
VCID-v1yr-nwrt-v3hx |
| summary |
Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-0453
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v1yr-nwrt-v3hx |
|
| 173 |
| url |
VCID-v9wu-g3qz-qycb |
| vulnerability_id |
VCID-v9wu-g3qz-qycb |
| summary |
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-0452
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v9wu-g3qz-qycb |
|
| 174 |
| url |
VCID-vctn-c1b3-rbh5 |
| vulnerability_id |
VCID-vctn-c1b3-rbh5 |
| summary |
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-15087
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vctn-c1b3-rbh5 |
|
| 175 |
| url |
VCID-vedj-x1yz-3uec |
| vulnerability_id |
VCID-vedj-x1yz-3uec |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2125
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vedj-x1yz-3uec |
|
| 176 |
| url |
VCID-vju9-ns28-sydp |
| vulnerability_id |
VCID-vju9-ns28-sydp |
| summary |
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2002-1318
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vju9-ns28-sydp |
|
| 177 |
|
| 178 |
| url |
VCID-vtne-we7s-tuet |
| vulnerability_id |
VCID-vtne-we7s-tuet |
| summary |
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2110
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet |
|
| 179 |
| url |
VCID-vutz-f18f-z7a2 |
| vulnerability_id |
VCID-vutz-f18f-z7a2 |
| summary |
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-3824
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vutz-f18f-z7a2 |
|
| 180 |
| url |
VCID-wc26-trz1-u7fv |
| vulnerability_id |
VCID-wc26-trz1-u7fv |
| summary |
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2020-10704
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wc26-trz1-u7fv |
|
| 181 |
|
| 182 |
| url |
VCID-wk72-a6my-cyc3 |
| vulnerability_id |
VCID-wk72-a6my-cyc3 |
| summary |
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-4572
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wk72-a6my-cyc3 |
|
| 183 |
| url |
VCID-wrdj-n64j-1kcg |
| vulnerability_id |
VCID-wrdj-n64j-1kcg |
| summary |
smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2011-1678
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wrdj-n64j-1kcg |
|
| 184 |
| url |
VCID-wwk6-xbnh-rqfr |
| vulnerability_id |
VCID-wwk6-xbnh-rqfr |
| summary |
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-2444
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wwk6-xbnh-rqfr |
|
| 185 |
| url |
VCID-wxjz-mnpb-37b3 |
| vulnerability_id |
VCID-wxjz-mnpb-37b3 |
| summary |
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-2063
|
| risk_score |
0.3 |
| exploitability |
0.5 |
| weighted_severity |
0.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wxjz-mnpb-37b3 |
|
| 186 |
| url |
VCID-x55t-cux2-q3gw |
| vulnerability_id |
VCID-x55t-cux2-q3gw |
| summary |
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-5252
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x55t-cux2-q3gw |
|
| 187 |
|
| 188 |
| url |
VCID-xanm-gdz1-gfb5 |
| vulnerability_id |
VCID-xanm-gdz1-gfb5 |
| summary |
The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-1635
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xanm-gdz1-gfb5 |
|
| 189 |
|
| 190 |
|
| 191 |
| url |
VCID-xtkd-zzyu-6ueq |
| vulnerability_id |
VCID-xtkd-zzyu-6ueq |
| summary |
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0808
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xtkd-zzyu-6ueq |
|
| 192 |
| url |
VCID-xuz4-gmed-afb7 |
| vulnerability_id |
VCID-xuz4-gmed-afb7 |
| summary |
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-0454
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xuz4-gmed-afb7 |
|
| 193 |
| url |
VCID-xvjy-amhr-z3d8 |
| vulnerability_id |
VCID-xvjy-amhr-z3d8 |
| summary |
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2017-2619
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjy-amhr-z3d8 |
|
| 194 |
|
| 195 |
| url |
VCID-y75k-dzty-6qcf |
| vulnerability_id |
VCID-y75k-dzty-6qcf |
| summary |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2003-0086
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y75k-dzty-6qcf |
|
| 196 |
| url |
VCID-ymgt-p34u-k3cp |
| vulnerability_id |
VCID-ymgt-p34u-k3cp |
| summary |
samba: heap buffer overflow with freshness tokens in the Heimdal KDC |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2023-5568
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ymgt-p34u-k3cp |
|
| 197 |
| url |
VCID-ypx9-qgwf-5qan |
| vulnerability_id |
VCID-ypx9-qgwf-5qan |
| summary |
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2010-0728
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ypx9-qgwf-5qan |
|
| 198 |
| url |
VCID-yt92-mfwy-z7er |
| vulnerability_id |
VCID-yt92-mfwy-z7er |
| summary |
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2016-2112
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er |
|
| 199 |
| url |
VCID-ytdy-akzb-a7e1 |
| vulnerability_id |
VCID-ytdy-akzb-a7e1 |
| summary |
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2019-14861
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ytdy-akzb-a7e1 |
|
| 200 |
| url |
VCID-yvqm-ryuz-jqdu |
| vulnerability_id |
VCID-yvqm-ryuz-jqdu |
| summary |
The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2013-0213
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yvqm-ryuz-jqdu |
|
| 201 |
| url |
VCID-yxjb-u3xu-9kcc |
| vulnerability_id |
VCID-yxjb-u3xu-9kcc |
| summary |
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-16860
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yxjb-u3xu-9kcc |
|
| 202 |
| url |
VCID-z5cg-wngn-47a4 |
| vulnerability_id |
VCID-z5cg-wngn-47a4 |
| summary |
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2004-0882
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z5cg-wngn-47a4 |
|
| 203 |
| url |
VCID-zcfp-hhne-tuf2 |
| vulnerability_id |
VCID-zcfp-hhne-tuf2 |
| summary |
A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2018-1140
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zcfp-hhne-tuf2 |
|
| 204 |
| url |
VCID-zfyb-9wrs-eyfx |
| vulnerability_id |
VCID-zfyb-9wrs-eyfx |
| summary |
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2015-5296
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyb-9wrs-eyfx |
|
| 205 |
| url |
VCID-zgya-jhhp-9ue4 |
| vulnerability_id |
VCID-zgya-jhhp-9ue4 |
| summary |
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| purl |
pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-5tc4-e6tj-3qfa |
|
| 1 |
| vulnerability |
VCID-7n9k-74nf-ayah |
|
| 2 |
| vulnerability |
VCID-7rsk-suge-a7b4 |
|
| 3 |
| vulnerability |
VCID-8jp7-e281-tqha |
|
| 4 |
| vulnerability |
VCID-8yq8-wp1b-p7gt |
|
| 5 |
| vulnerability |
VCID-9cv8-xnmm-cyh8 |
|
| 6 |
| vulnerability |
VCID-9kyr-nxjs-xkaw |
|
| 7 |
| vulnerability |
VCID-afjh-h9hy-u7dz |
|
| 8 |
| vulnerability |
VCID-atg1-qx5q-hfdu |
|
| 9 |
| vulnerability |
VCID-bkse-muh9-t7a8 |
|
| 10 |
| vulnerability |
VCID-e2b4-vjgq-sbdq |
|
| 11 |
| vulnerability |
VCID-fb3p-pr3k-wbhj |
|
| 12 |
| vulnerability |
VCID-fj5p-xkmp-vken |
|
| 13 |
| vulnerability |
VCID-gec9-c1be-dkba |
|
| 14 |
| vulnerability |
VCID-gx57-3mtp-hqdh |
|
| 15 |
| vulnerability |
VCID-hxfw-6htj-wkhg |
|
| 16 |
| vulnerability |
VCID-j1a6-7vhx-sbh7 |
|
| 17 |
| vulnerability |
VCID-j358-djx5-8qdw |
|
| 18 |
| vulnerability |
VCID-mnnu-hrtz-uyeg |
|
| 19 |
| vulnerability |
VCID-mtrk-m8jm-gyfg |
|
| 20 |
| vulnerability |
VCID-t156-69p4-s7gu |
|
| 21 |
| vulnerability |
VCID-usyw-3jt1-xyez |
|
| 22 |
| vulnerability |
VCID-wc2t-bbf1-mua5 |
|
| 23 |
| vulnerability |
VCID-x9ky-gfg3-hfen |
|
| 24 |
| vulnerability |
VCID-xmpf-4zxw-dybe |
|
| 25 |
| vulnerability |
VCID-xt8n-4rnc-b7fs |
|
| 26 |
| vulnerability |
VCID-zx6s-p6p1-z7ft |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| aliases |
CVE-2007-5398
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zgya-jhhp-9ue4 |
|
| 206 |
|