| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| url |
VCID-4pjr-6tfv-hqgu |
| vulnerability_id |
VCID-4pjr-6tfv-hqgu |
| summary |
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-7540
|
| risk_score |
0.2 |
| exploitability |
0.5 |
| weighted_severity |
0.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjr-6tfv-hqgu |
|
| 5 |
|
| 6 |
| url |
VCID-688u-s2a3-8fha |
| vulnerability_id |
VCID-688u-s2a3-8fha |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
| 2 |
|
|
| aliases |
CVE-2017-15275
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha |
|
| 7 |
| url |
VCID-68mw-cr8k-qfgs |
| vulnerability_id |
VCID-68mw-cr8k-qfgs |
| summary |
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-5330
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs |
|
| 8 |
| url |
VCID-6pd7-pxth-3faj |
| vulnerability_id |
VCID-6pd7-pxth-3faj |
| summary |
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2016-0771
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd7-pxth-3faj |
|
| 9 |
| url |
VCID-6y1r-n3tf-qbfy |
| vulnerability_id |
VCID-6y1r-n3tf-qbfy |
| summary |
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS). |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2013-4475
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6y1r-n3tf-qbfy |
|
| 10 |
| url |
VCID-82sk-6wse-qkbh |
| vulnerability_id |
VCID-82sk-6wse-qkbh |
| summary |
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2014-3493
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-82sk-6wse-qkbh |
|
| 11 |
| url |
VCID-8hfr-fp5z-s3c1 |
| vulnerability_id |
VCID-8hfr-fp5z-s3c1 |
| summary |
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-0240
|
| risk_score |
1.6 |
| exploitability |
2.0 |
| weighted_severity |
0.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfr-fp5z-s3c1 |
|
| 12 |
| url |
VCID-8tyg-f73c-zuh3 |
| vulnerability_id |
VCID-8tyg-f73c-zuh3 |
| summary |
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2115
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3 |
|
| 13 |
|
| 14 |
|
| 15 |
| url |
VCID-94d3-5rgf-x3dh |
| vulnerability_id |
VCID-94d3-5rgf-x3dh |
| summary |
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
|
| aliases |
CVE-2015-7560
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh |
|
| 16 |
| url |
VCID-apjj-ezss-a3hj |
| vulnerability_id |
VCID-apjj-ezss-a3hj |
| summary |
arbitrary code execution |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
|
| aliases |
CVE-2017-7494
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-apjj-ezss-a3hj |
|
| 17 |
| url |
VCID-b1ja-e7jm-gbhc |
| vulnerability_id |
VCID-b1ja-e7jm-gbhc |
| summary |
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2014-0178
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b1ja-e7jm-gbhc |
|
| 18 |
| url |
VCID-b9y4-s6nz-kkby |
| vulnerability_id |
VCID-b9y4-s6nz-kkby |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
|
| aliases |
CVE-2016-2123
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9y4-s6nz-kkby |
|
| 19 |
| url |
VCID-c99r-m2v5-zqa3 |
| vulnerability_id |
VCID-c99r-m2v5-zqa3 |
| summary |
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
|
| aliases |
CVE-2015-5299
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c99r-m2v5-zqa3 |
|
| 20 |
|
| 21 |
|
| 22 |
| url |
VCID-eaxm-5jgj-eqcg |
| vulnerability_id |
VCID-eaxm-5jgj-eqcg |
| summary |
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2111
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg |
|
| 23 |
| url |
VCID-egeg-4ds7-d3d1 |
| vulnerability_id |
VCID-egeg-4ds7-d3d1 |
| summary |
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK." |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2118
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1 |
|
| 24 |
| url |
VCID-enbr-g8ae-ubbc |
| vulnerability_id |
VCID-enbr-g8ae-ubbc |
| summary |
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2113
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-enbr-g8ae-ubbc |
|
| 25 |
| url |
VCID-et6f-6gtc-5ues |
| vulnerability_id |
VCID-et6f-6gtc-5ues |
| summary |
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2013-4408
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-et6f-6gtc-5ues |
|
| 26 |
| url |
VCID-j317-uv8e-6fgn |
| vulnerability_id |
VCID-j317-uv8e-6fgn |
| summary |
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2014-0244
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j317-uv8e-6fgn |
|
| 27 |
| url |
VCID-jmm9-r3u7-zufe |
| vulnerability_id |
VCID-jmm9-r3u7-zufe |
| summary |
multiple issues |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
| 2 |
|
|
| aliases |
CVE-2017-14746
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe |
|
| 28 |
|
| 29 |
|
| 30 |
| url |
VCID-m364-w7f6-aug7 |
| vulnerability_id |
VCID-m364-w7f6-aug7 |
| summary |
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2015-5370
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7 |
|
| 31 |
|
| 32 |
|
| 33 |
| url |
VCID-n6xc-pvqq-9bgs |
| vulnerability_id |
VCID-n6xc-pvqq-9bgs |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
|
| aliases |
CVE-2016-2126
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xc-pvqq-9bgs |
|
| 34 |
|
| 35 |
| url |
VCID-p4mk-1t9q-sbb3 |
| vulnerability_id |
VCID-p4mk-1t9q-sbb3 |
| summary |
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2114
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3 |
|
| 36 |
|
| 37 |
|
| 38 |
| url |
VCID-sdjf-rkjd-sudg |
| vulnerability_id |
VCID-sdjf-rkjd-sudg |
| summary |
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-8467
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjf-rkjd-sudg |
|
| 39 |
|
| 40 |
|
| 41 |
| url |
VCID-tyhs-5xjv-c7b5 |
| vulnerability_id |
VCID-tyhs-5xjv-c7b5 |
| summary |
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-3223
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5 |
|
| 42 |
|
| 43 |
| url |
VCID-vedj-x1yz-3uec |
| vulnerability_id |
VCID-vedj-x1yz-3uec |
| summary |
multiple issues |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
| 1 |
| url |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| purl |
pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 9 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 10 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 11 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 12 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 13 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 14 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 15 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 16 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 17 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 18 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 19 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 20 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2 |
|
|
| aliases |
CVE-2016-2125
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vedj-x1yz-3uec |
|
| 44 |
| url |
VCID-vtne-we7s-tuet |
| vulnerability_id |
VCID-vtne-we7s-tuet |
| summary |
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2110
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet |
|
| 45 |
| url |
VCID-x55t-cux2-q3gw |
| vulnerability_id |
VCID-x55t-cux2-q3gw |
| summary |
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-5252
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x55t-cux2-q3gw |
|
| 46 |
| url |
VCID-xvjy-amhr-z3d8 |
| vulnerability_id |
VCID-xvjy-amhr-z3d8 |
| summary |
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| purl |
pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 9 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 10 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 11 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 12 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 13 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 14 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 15 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 16 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 17 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 18 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 19 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 20 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 21 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 22 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 23 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 24 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9 |
|
|
| aliases |
CVE-2017-2619
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjy-amhr-z3d8 |
|
| 47 |
| url |
VCID-yt92-mfwy-z7er |
| vulnerability_id |
VCID-yt92-mfwy-z7er |
| summary |
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| purl |
pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 7 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 8 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 9 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 10 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 11 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 12 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 13 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 14 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 15 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 16 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 17 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 18 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 19 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 20 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 21 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 22 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 23 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 24 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 25 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 26 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 27 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1 |
|
|
| aliases |
CVE-2016-2112
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er |
|
| 48 |
| url |
VCID-zfyb-9wrs-eyfx |
| vulnerability_id |
VCID-zfyb-9wrs-eyfx |
| summary |
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| purl |
pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1yzz-fu2r-rqgy |
|
| 1 |
| vulnerability |
VCID-26vq-jj49-byez |
|
| 2 |
| vulnerability |
VCID-35qh-y7xf-nkdn |
|
| 3 |
| vulnerability |
VCID-3ddh-cm8f-nuf2 |
|
| 4 |
| vulnerability |
VCID-5tub-1spq-b7c7 |
|
| 5 |
| vulnerability |
VCID-688u-s2a3-8fha |
|
| 6 |
| vulnerability |
VCID-8tyg-f73c-zuh3 |
|
| 7 |
| vulnerability |
VCID-8ztz-2n8a-gqbm |
|
| 8 |
| vulnerability |
VCID-92g2-se8k-ybh5 |
|
| 9 |
| vulnerability |
VCID-94d3-5rgf-x3dh |
|
| 10 |
| vulnerability |
VCID-apjj-ezss-a3hj |
|
| 11 |
| vulnerability |
VCID-b9y4-s6nz-kkby |
|
| 12 |
| vulnerability |
VCID-c99r-m2v5-zqa3 |
|
| 13 |
| vulnerability |
VCID-dtxj-7cam-x3g9 |
|
| 14 |
| vulnerability |
VCID-dzyk-akhc-t7d2 |
|
| 15 |
| vulnerability |
VCID-eaxm-5jgj-eqcg |
|
| 16 |
| vulnerability |
VCID-egeg-4ds7-d3d1 |
|
| 17 |
| vulnerability |
VCID-enbr-g8ae-ubbc |
|
| 18 |
| vulnerability |
VCID-jmm9-r3u7-zufe |
|
| 19 |
| vulnerability |
VCID-jnby-fw2x-xyf4 |
|
| 20 |
| vulnerability |
VCID-kwqt-87ga-1bbn |
|
| 21 |
| vulnerability |
VCID-m364-w7f6-aug7 |
|
| 22 |
| vulnerability |
VCID-m8f3-3jf6-2bdy |
|
| 23 |
| vulnerability |
VCID-mxk6-6rwy-hfa3 |
|
| 24 |
| vulnerability |
VCID-n6xc-pvqq-9bgs |
|
| 25 |
| vulnerability |
VCID-njb3-9hmh-s3cg |
|
| 26 |
| vulnerability |
VCID-p4mk-1t9q-sbb3 |
|
| 27 |
| vulnerability |
VCID-qn5w-t24w-xye5 |
|
| 28 |
| vulnerability |
VCID-r7zv-4yyc-mqeu |
|
| 29 |
| vulnerability |
VCID-sg5x-7v6b-ffgk |
|
| 30 |
| vulnerability |
VCID-ssh4-ukvg-5fej |
|
| 31 |
| vulnerability |
VCID-uwmy-xe5s-yubn |
|
| 32 |
| vulnerability |
VCID-vedj-x1yz-3uec |
|
| 33 |
| vulnerability |
VCID-vtne-we7s-tuet |
|
| 34 |
| vulnerability |
VCID-xvjy-amhr-z3d8 |
|
| 35 |
| vulnerability |
VCID-yt92-mfwy-z7er |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7 |
|
|
| aliases |
CVE-2015-5296
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyb-9wrs-eyfx |
|