| Bug | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2023-42669 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A vulnerability was found in Samba's "rpcecho" development server, a n ... |
| CVE-2023-4154 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A design flaw was found in Samba's DirSync control implementation, whi ... |
| CVE-2023-0922 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | The Samba AD DC administration tool, when operating against a remote L ... |
| CVE-2023-0614 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confident ... |
| CVE-2023-0225 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A flaw was found in Samba. An incomplete access check on dnsHostName a ... |
| CVE-2022-45141 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerabili ... |
| CVE-2022-44640 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... |
| CVE-2022-42898 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x befo ... |
| CVE-2022-38023 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Netlogon RPC Elevation of Privilege Vulnerability |
| CVE-2022-37967 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2022-37966 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability |
| CVE-2022-32743 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Samba does not validate the Validated-DNS-Host-Name right for the dNSH ... |
| CVE-2022-1615 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | In Samba, GnuTLS gnutls_rnd() can fail and give predictable random val ... |
| CVE-2021-44141 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | All versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ... |
| CVE-2021-20316 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A flaw was found in the way Samba handled file/directory metadata. Thi ... |
| CVE-2021-20251 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A flaw was found in samba. A race condition in the password lockout co ... |
| CVE-2021-3670 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | MaxQueryDuration not honoured in Samba AD DC LDAP |
| CVE-2020-25720 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | |
| CVE-2018-14628 | vulnerable (no DSA, ignored) | vulnerable (no DSA, postponed) | fixed | fixed | An information leak vulnerability was discovered in Samba's LDAP serve ... |
| Bug | Description |
|---|
| TEMP-0514151-B17364 | samba: Account locking out doesnt work with an LDAP backend |
| CVE-2023-42670 | A flaw was found in Samba. It is susceptible to a vulnerability where ... |
| CVE-2023-34968 | A path disclosure vulnerability was found in Samba. As part of the Spo ... |
| CVE-2023-34967 | A Type Confusion vulnerability was found in Samba's mdssvc RPC service ... |
| CVE-2023-34966 | An infinite loop vulnerability was found in Samba's mdssvc RPC service ... |
| CVE-2023-5568 | A heap-based Buffer Overflow flaw was discovered in Samba. It could al ... |
| CVE-2023-4091 | A vulnerability was discovered in Samba, where the flaw allows SMB cli ... |
| CVE-2023-3961 | A path traversal vulnerability was identified in Samba when processing ... |
| CVE-2023-3347 | A vulnerability was found in Samba's SMB2 packet signing mechanism. Th ... |
| CVE-2022-32746 | A flaw was found in the Samba AD LDAP server. The AD DC database audit ... |
| CVE-2022-32745 | A flaw was found in Samba. Samba AD users can cause the server to acce ... |
| CVE-2022-32744 | A flaw was found in Samba. The KDC accepts kpasswd requests encrypted ... |
| CVE-2022-32742 | A flaw was found in Samba. Some SMB1 write requests were not correctly ... |
| CVE-2022-3592 | A symlink following vulnerability was found in Samba, where a user can ... |
| CVE-2022-3437 | A heap-based buffer overflow vulnerability was found in Samba within t ... |
| CVE-2022-2127 | An out-of-bounds read vulnerability was found in Samba due to insuffic ... |
| CVE-2022-2031 | A flaw was found in Samba. The security vulnerability occurs when KDC ... |
| CVE-2022-0336 | The Samba AD DC includes checks when adding service principals names ( ... |
| CVE-2021-44142 | The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ... |
| CVE-2021-43566 | All versions of Samba prior to 4.13.16 are vulnerable to a malicious c ... |
| CVE-2021-23192 | A flaw was found in the way samba implemented DCE/RPC. If a client to ... |
| CVE-2021-20254 | A flaw was found in samba. The Samba smbd file server must map Windows ... |
| CVE-2021-3738 | In DCE/RPC it is possible to share the handles (cookies for resource s ... |
| CVE-2021-3671 | A null pointer de-reference was found in the way samba kerberos server ... |
| CVE-2020-25722 | Multiple flaws were found in the way samba AD DC implemented access an ... |
| CVE-2020-25721 | Kerberos acceptors need easy access to stable AD identifiers (eg objec ... |
| CVE-2020-25719 | A flaw was found in the way Samba, as an Active Directory Domain Contr ... |
| CVE-2020-25718 | A flaw was found in the way samba, as an Active Directory Domain Contr ... |
| CVE-2020-25717 | A flaw was found in the way Samba maps domain users to local users. An ... |
| CVE-2020-14383 | A flaw was found in samba's DNS server. An authenticated user could us ... |
| CVE-2020-14323 | A null pointer dereference flaw was found in samba's Winbind service i ... |
| CVE-2020-14318 | A flaw was found in the way samba handled file and directory permissio ... |
| CVE-2020-14303 | A flaw was found in the AD DC NBT server in all Samba versions before ... |
| CVE-2020-10760 | A use-after-free flaw was found in all samba LDAP server versions befo ... |
| CVE-2020-10745 | A flaw was found in all Samba versions before 4.10.17, before 4.11.11 ... |
| CVE-2020-10730 | A NULL pointer dereference, or possible use-after-free flaw was found ... |
| CVE-2020-10704 | A flaw was found when using samba as an Active Directory Domain Contro ... |
| CVE-2020-10700 | A use-after-free flaw was found in the way samba AD DC LDAP servers, h ... |
| CVE-2020-1472 | An elevation of privilege vulnerability exists when an attacker establ ... |
| CVE-2019-19344 | There is a use-after-free issue in all samba 4.9.x versions before 4.9 ... |
| CVE-2019-14907 | All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11 ... |
| CVE-2019-14902 | There is an issue in all samba 4.11.x versions before 4.11.5, all samb ... |
| CVE-2019-14870 | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ... |
| CVE-2019-14861 | All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ... |
| CVE-2019-14847 | A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x b ... |
| CVE-2019-14833 | A flaw was found in Samba, all versions starting samba 4.5.0 before sa ... |
| CVE-2019-12436 | Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to ... |
| CVE-2019-12435 | Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer d ... |
| CVE-2019-10218 | A flaw was found in the samba client, all samba versions before samba ... |
| CVE-2019-10197 | A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up ... |
| CVE-2019-3880 | A flaw was found in the way samba implemented an RPC endpoint emulatin ... |
| CVE-2019-3870 | A vulnerability was found in Samba from version (including) 4.9 to ver ... |
| CVE-2019-3824 | A flaw was found in the way an LDAP search expression could crash the ... |
| CVE-2018-16860 | A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x ... |
| CVE-2018-16857 | Samba from version 4.9.0 and before version 4.9.3 that have AD DC conf ... |
| CVE-2018-16853 | Samba from version 4.7.0 has a vulnerability that allows a user in a S ... |
| CVE-2018-16852 | Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a N ... |
| CVE-2018-16851 | Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is v ... |
| CVE-2018-16841 | Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 a ... |
| CVE-2018-14629 | A denial of service vulnerability was discovered in Samba's LDAP serve ... |
| CVE-2018-10919 | The Samba Active Directory LDAP server was vulnerable to an informatio ... |
| CVE-2018-10918 | A null pointer dereference flaw was found in the way samba checked dat ... |
| CVE-2018-10858 | A heap-buffer overflow was found in the way samba clients processed ex ... |
| CVE-2018-1140 | A missing input sanitization flaw was found in the implementation of L ... |
| CVE-2018-1139 | A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the u ... |
| CVE-2018-1057 | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ... |
| CVE-2018-1050 | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ... |
| CVE-2017-15275 | Samba before 4.7.3 might allow remote attackers to obtain sensitive in ... |
| CVE-2017-15087 | It was discovered that the fix for CVE-2017-12163 was not properly shi ... |
| CVE-2017-15086 | It was discovered that the fix for CVE-2017-12151 was not properly shi ... |
| CVE-2017-15085 | It was discovered that the fix for CVE-2017-12150 was not properly shi ... |
| CVE-2017-14746 | Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote a ... |
| CVE-2017-12163 | An information leak flaw was found in the way SMB1 protocol was implem ... |
| CVE-2017-12151 | A flaw was found in the way samba client before samba 4.4.16, samba 4. ... |
| CVE-2017-12150 | It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ... |
| CVE-2017-11103 | Heimdal before 7.4 allows remote attackers to impersonate services wit ... |
| CVE-2017-9461 | smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ser ... |
| CVE-2017-7494 | Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulne ... |
| CVE-2017-2619 | Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a mali ... |
| CVE-2016-2126 | Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation d ... |
| CVE-2016-2125 | It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always re ... |
| CVE-2016-2124 | A flaw was found in the way samba implemented SMB1 authentication. An ... |
| CVE-2016-2123 | A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ... |
| CVE-2016-2119 | libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3 ... |
| CVE-2016-2118 | The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x ... |
| CVE-2016-2115 | Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ... |
| CVE-2016-2114 | The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x bef ... |
| CVE-2016-2113 | Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 do ... |
| CVE-2016-2112 | The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4. ... |
| CVE-2016-2111 | The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before ... |
| CVE-2016-2110 | The NTLMSSP authentication implementation in Samba 3.x and 4.x before ... |
| CVE-2016-0771 | The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9 ... |
| CVE-2015-8467 | The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_m ... |
| CVE-2015-7560 | The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4. ... |
| CVE-2015-7540 | The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ... |
| CVE-2015-5370 | Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ... |
| CVE-2015-5330 | ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4 ... |
| CVE-2015-5299 | The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_c ... |
| CVE-2015-5296 | Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before ... |
| CVE-2015-5252 | vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ... |
| CVE-2015-3223 | The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ... |
| CVE-2015-0240 | The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x be ... |
| CVE-2014-8143 | Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc ... |
| CVE-2014-3560 | NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4 ... |
| CVE-2014-3493 | The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x be ... |
| CVE-2014-0244 | The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x ... |
| CVE-2014-0239 | The internal DNS server in Samba 4.x before 4.0.18 does not check the ... |
| CVE-2014-0178 | Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1. ... |
| CVE-2013-6442 | The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before ... |
| CVE-2013-4496 | Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 d ... |
| CVE-2013-4476 | Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is ... |
| CVE-2013-4475 | Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1. ... |
| CVE-2013-4408 | Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done functi ... |
| CVE-2013-4124 | Integer overflow in the read_nttrans_ea_list function in nttrans.c in ... |
| CVE-2013-0454 | The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IB ... |
| CVE-2013-0214 | Cross-site request forgery (CSRF) vulnerability in the Samba Web Admin ... |
| CVE-2013-0213 | The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3 ... |
| CVE-2013-0172 | Samba 4.0.x before 4.0.1, in certain Active Directory domain-controlle ... |
| CVE-2012-6150 | The winbind_name_list_to_sid_string_list function in nsswitch/pam_winb ... |
| CVE-2012-2111 | The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) ... |
| CVE-2012-1182 | The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14 ... |
| CVE-2012-0870 | Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used ... |
| CVE-2012-0817 | Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attacker ... |
| CVE-2011-3585 | Multiple race conditions in the (1) mount.cifs and (2) umount.cifs pro ... |
| CVE-2011-2724 | The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ... |
| CVE-2011-2694 | Cross-site scripting (XSS) vulnerability in the chg_passwd function in ... |
| CVE-2011-2522 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Samb ... |
| CVE-2011-1678 | smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to app ... |
| CVE-2011-0719 | Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 d ... |
| CVE-2010-3069 | Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ... |
| CVE-2010-2063 | Buffer overflow in the SMB1 packet chaining implementation in the chai ... |
| CVE-2010-1642 | The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Sa ... |
| CVE-2010-1635 | The chain_reply function in process.c in smbd in Samba before 3.4.8 an ... |
| CVE-2010-0926 | The default configuration of smbd in Samba before 3.3.11, 3.4.x before ... |
| CVE-2010-0787 | client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3 ... |
| CVE-2010-0728 | smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled ... |
| CVE-2010-0547 | client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ... |
| CVE-2009-2948 | mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3 ... |
| CVE-2009-2906 | smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, ... |
| CVE-2009-2813 | Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.1 ... |
| CVE-2009-1888 | The acl_group_override function in smbd/posix_acls.c in smbd in Samba ... |
| CVE-2009-1886 | Multiple format string vulnerabilities in client/client.c in smbclient ... |
| CVE-2009-0022 | Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows re ... |
| CVE-2008-4314 | smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to rea ... |
| CVE-2008-3789 | Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb ... |
| CVE-2008-1105 | Heap-based buffer overflow in the receive_smb_raw function in util/soc ... |
| CVE-2007-6015 | Stack-based buffer overflow in the send_mailslot function in nmbd in S ... |
| CVE-2007-5398 | Stack-based buffer overflow in the reply_netbios_packet function in nm ... |
| CVE-2007-4572 | Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, wh ... |
| CVE-2007-4138 | The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in ... |
| CVE-2007-2447 | The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allo ... |
| CVE-2007-2446 | Multiple heap-based buffer overflows in the NDR parsing in smbd in Sam ... |
| CVE-2007-2444 | Logic error in the SID/Name translation functionality in smbd in Samba ... |
| CVE-2007-2407 | The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows fi ... |
| CVE-2007-0454 | Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 ... |
| CVE-2007-0453 | Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 throug ... |
| CVE-2007-0452 | smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users ... |
| CVE-2006-3403 | The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows ... |
| CVE-2006-1059 | The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trus ... |
| CVE-2004-2546 | Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a ... |
| CVE-2004-1154 | Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x thr ... |
| CVE-2004-0930 | The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other ve ... |
| CVE-2004-0882 | Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x th ... |
| CVE-2004-0829 | smbd in Samba before 2.2.11 allows remote attackers to cause a denial ... |
| CVE-2004-0815 | The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ... |
| CVE-2004-0808 | The process_logon_packet function in the nmbd server for Samba 3.0.6 a ... |
| CVE-2004-0807 | Samba 3.0.6 and earlier allows remote attackers to cause a denial of s ... |
| CVE-2004-0686 | Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ... |
| CVE-2004-0600 | Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3 ... |
| CVE-2004-0186 | smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allow ... |
| CVE-2004-0082 | The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1 ... |
| CVE-2003-1332 | Stack-based buffer overflow in the reply_nttrans function in Samba 2.2 ... |
| CVE-2003-0201 | Buffer overflow in the call_trans2open function in trans2.c for Samba ... |
| CVE-2003-0196 | Multiple buffer overflows in Samba before 2.2.8a may allow remote atta ... |
| CVE-2003-0086 | The code for writing reg files in Samba before 2.2.8 allows local user ... |
| CVE-2003-0085 | Buffer overflow in the SMB/CIFS packet fragment re-assembly code for S ... |
| CVE-2002-2196 | Samba before 2.2.5 does not properly terminate the enum_csc_policy dat ... |
| CVE-2002-1318 | Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers t ... |