This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:samba:samba:3.0.24

Detail
Vendor: Samba
Product: Samba
Version: 3.0.24
Type: Application
First view: 2007-05-14
Last view: 2019-04-09
Edition:
Language:
Update:

CPE Product: cpe:/a:samba:samba

Activity : Overall

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
      Date        Alert           Access Vector  Access Complexity  Authentication
5.5   2019-04-09  CVE-2019-3880   Network        Low                Requires ...
4     2019-03-06  CVE-2019-3824   Network        Low                Requires ...
4.3   2018-08-22  CVE-2018-1139   Network        Medium             None Requ...
6.5   2018-08-22  CVE-2018-10858  Network        Low                Requires ...
5.8   2018-07-27  CVE-2017-12151  Network        Medium             None Requ...
4.8   2018-07-26  CVE-2017-12163  Adjacent ...   Low                None Requ...
5.8   2018-07-26  CVE-2017-12150  Network        Medium             None Requ...
6.8   2017-06-06  CVE-2017-9461   Network        Low                Requires ...
4.3   2016-04-24  CVE-2016-2115   Network        Medium             None Requ...
4.3   2016-04-24  CVE-2016-2112   Network        Medium             None Requ...
4.3   2016-04-24  CVE-2016-2111   Adjacent ...   Medium             None Requ...
4.3   2016-04-24  CVE-2016-2110   Network        Medium             None Requ...
6.8   2016-04-12  CVE-2016-2118   Network        Medium             None Requ...
4     2016-03-13  CVE-2015-7560   Network        Low                Requires ...
5     2015-12-29  CVE-2015-5299   Network        Low                None Requ...
5     2014-03-14  CVE-2013-4496   Network        Low                None Requ...
8.3   2013-12-10  CVE-2013-4408   Adjacent ...   Low                None Requ...
3.6   2013-12-03  CVE-2012-6150   Network        High               Requires ...
4     2013-11-13  CVE-2013-4475   Network        High               None Requ...
5     2013-08-05  CVE-2013-4124   Network        Low                None Requ...
4     2013-03-26  CVE-2013-0454   Network        Low                Requires ...
5.1   2013-02-02  CVE-2013-0214   Network        High               None Requ...
5.1   2013-02-02  CVE-2013-0213   Network        High               None Requ...
10    2012-04-10  CVE-2012-1182   Network        Low                None Requ...

CWE : Common Weakness Enumeration

%         id       Name
26% (10)  CWE-119  Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (5)   CWE-264  Permissions, Privileges, and Access Controls
13% (5)   CWE-254  Security Features
13% (5)   CWE-20   Improper Input Validation
5% (2)    CWE-352  Cross-Site Request Forgery (CSRF)
5% (2)    CWE-200  Information Exposure
5% (2)    CWE-189  Numeric Errors
2% (1)    CWE-522  Insufficiently Protected Credentials
2% (1)    CWE-310  Cryptographic Issues
2% (1)    CWE-284  Access Control (Authorization) Issues
2% (1)    CWE-275  Permission Issues
2% (1)    CWE-255  Credentials Management
2% (1)    CWE-79   Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (1)    CWE-22   Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OvalID                         Name
oval:org.mitre.oval:def:9191   Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 throu...
oval:org.mitre.oval:def:7895   DSA-1908 samba -- several vulnerabilities
oval:org.mitre.oval:def:7791   HP-UX running HP CIFS Server (Samba), Remote Unauthorized Access
oval:org.mitre.oval:def:7257   HP-UX running HP CIFS Server (Samba), Remote Unauthorized Access
oval:org.mitre.oval:def:7211   Samba sharing restriction bypassing vulnerability
oval:org.mitre.oval:def:13061  DSA-1908-1 ntp -- denial of service
oval:org.mitre.oval:def:21206  RHSA-2013:1806: samba and samba3x security update (Important)
oval:org.mitre.oval:def:20821  DSA-2812-1 samba - several
oval:org.mitre.oval:def:20652  USN-2054-1 -- samba vulnerabilities
oval:org.mitre.oval:def:23855  ELSA-2013:1806: samba and samba3x security update (Important)
oval:org.mitre.oval:def:23482  DEPRECATED: ELSA-2013:1806: samba and samba3x security update (Important)
oval:org.mitre.oval:def:25148  SUSE-SU-2014:0024-1 -- Security update for Samba
oval:org.mitre.oval:def:26318  SUSE-SU-2014:0839-1 -- Security update for Samba
oval:org.mitre.oval:def:27279  DEPRECATED: ELSA-2013-1806 -- samba and samba3x security update (important)
oval:org.mitre.oval:def:24260  RHSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:24242  USN-2156-1 -- samba vulnerability
oval:org.mitre.oval:def:24559  ELSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:24494  DEPRECATED: ELSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:25152  SUSE-SU-2014:0497-1 -- Security update for Samba
oval:org.mitre.oval:def:25353  SUSE-SU-2014:0901-1 -- Security update for Samba
oval:org.mitre.oval:def:26958  DEPRECATED: ELSA-2014-0330 -- samba and samba3x security update (moderate)
oval:org.mitre.oval:def:9944   smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4...
oval:org.mitre.oval:def:7090   smbd DOS vulnerability via unanticipated oplock break notification reply packet
oval:org.mitre.oval:def:7515   DSA-2004 samba -- several vulnerabilities
oval:org.mitre.oval:def:20631  VMware ESXi and ESX updates to third party library and ESX Service Console

SAINT Exploits

Description
Samba lsa_io_trans_names buffer overflow

Open Source Vulnerability Database (OSVDB)

id     Description
74872  Samba smbfs mount.cifs / umount.cifs RLIMIT_FSIZE Value Handling mtab Local C...
74871  Samba mount.cifs Tool Share / Directory Name Newline Injection mtab Corruptio...
74072  Samba SWAT Change Password Page user Field XSS
74071  Samba SWAT Multiple Function CSRF
71268  Samba FD_SET Macro Memory Corruption
67994  Samba sid_parse() Function SID Parsing Remote Overflow
65518  Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption
65436  Samba smbd sesssetup.c Session Setup AndX Security Blob Length Value Uninitia...
65435  Samba smbd process.c chain_reply Function Session Setup AndX Request NULL Der...
62155  Samba smbfs mount.cifs client/mount.cifs.c Crafted String mtab Corruption Loc...
58520  Samba SUID mount.cifs --verbose Argument Arbitrary File Portion Disclosure
58519  Samba smbd Crafted SMB Request Remote CPU Consumption DoS
57955  Samba Unconfigured Home Directory Windows File Share Directory Access Restric...
55411  Samba smbd/posix_acls.c acl_group_override Function Remote Access Control Lis...
39191  Samba nmdb send_mailslot() Function GETDC mailslot Request Remote Overflow
39180  Samba nmbd Crafted GETDC mailslot Request Remote Overflow
39179  Samba nmbd nmbd/nmbd_packets.c reply_netbios_packet Function Remote Overflow
34733  Samba DFS RPC Interface DFSEnum Request Remote Overflow
34732  Samba SPOOLSS RPC Interface RFNPCNEX Request Remote Overflow
34731  Samba SRVSVC RPC Interface NetSetFileSecurity Request Remote Overflow
34700  Samba Unfiltered MS-RPC Calls Arbitrary Remote Command Execution
34699  Samba LSA RPC Interface Multiple Function Remote Overflow

ExploitDB Exploits

id     Description
27778  Samba nttrans Reply - Integer Overflow Vulnerability
17577  SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC
16320  Samba "username map script" Command Execution

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id          Description
2012-12-13  Name : SuSE Update for update openSUSE-SU-2012:0507-1 (update)
            File : nvt/gb_suse_2012_0507_1.nasl
2012-09-10  Name : Slackware Advisory SSA:2011-210-03 samba
            File : nvt/esoft_slk_ssa_2011_210_03.nasl
2012-08-30  Name : Fedora Update for samba FEDORA-2012-5793
            File : nvt/gb_fedora_2012_5793_samba_fc17.nasl
2012-08-10  Name : Gentoo Security Advisory GLSA 201206-22 (Samba)
            File : nvt/glsa_201206_22.nasl
2012-08-10  Name : Gentoo Security Advisory GLSA 201206-29 (mount-cifs)
            File : nvt/glsa_201206_29.nasl
2012-08-03  Name : Mandriva Update for samba MDVSA-2012:055 (samba)
            File : nvt/gb_mandriva_MDVSA_2012_055.nasl
2012-08-02  Name : SuSE Update for samba openSUSE-SU-2012:0508-1 (samba)
            File : nvt/gb_suse_2012_0508_1.nasl
2012-07-30  Name : CentOS Update for libsmbclient CESA-2011:1219 centos5 x86_64
            File : nvt/gb_CESA-2011_1219_libsmbclient_centos5_x86_64.nasl
2012-07-30  Name : CentOS Update for samba CESA-2011:1219 centos4 x86_64
            File : nvt/gb_CESA-2011_1219_samba_centos4_x86_64.nasl
2012-07-30  Name : CentOS Update for samba3x CESA-2011:1220 centos5 x86_64
            File : nvt/gb_CESA-2011_1220_samba3x_centos5_x86_64.nasl
2012-07-30  Name : CentOS Update for libsmbclient CESA-2011:0305 centos5 x86_64
            File : nvt/gb_CESA-2011_0305_libsmbclient_centos5_x86_64.nasl
2012-07-30  Name : CentOS Update for samba3x CESA-2011:0306 centos5 x86_64
            File : nvt/gb_CESA-2011_0306_samba3x_centos5_x86_64.nasl
2012-07-30  Name : CentOS Update for libsmbclient CESA-2012:0465 centos5
            File : nvt/gb_CESA-2012_0465_libsmbclient_centos5.nasl
2012-07-30  Name : CentOS Update for libsmbclient CESA-2012:0465 centos6
            File : nvt/gb_CESA-2012_0465_libsmbclient_centos6.nasl
2012-07-30  Name : CentOS Update for samba3x CESA-2012:0466 centos5
            File : nvt/gb_CESA-2012_0466_samba3x_centos5.nasl
2012-07-09  Name : RedHat Update for samba and cifs-utils RHSA-2011:1221-01
            File : nvt/gb_RHSA-2011_1221-01_samba_and_cifs-utils.nasl
2012-05-18  Name : Mac OS X Multiple Vulnerabilities (2012-002)
            File : nvt/gb_macosx_su12-002.nasl
2012-05-17  Name : Fedora Update for samba4 FEDORA-2012-6382
            File : nvt/gb_fedora_2012_6382_samba4_fc16.nasl
2012-05-04  Name : Fedora Update for samba4 FEDORA-2012-6349
            File : nvt/gb_fedora_2012_6349_samba4_fc15.nasl
2012-05-04  Name : Fedora Update for samba FEDORA-2012-6999
            File : nvt/gb_fedora_2012_6999_samba_fc15.nasl
2012-05-04  Name : Fedora Update for samba FEDORA-2012-7006
            File : nvt/gb_fedora_2012_7006_samba_fc16.nasl
2012-04-30  Name : FreeBSD Ports: samba34
            File : nvt/freebsd_samba342.nasl
2012-04-30  Name : Debian Security Advisory DSA 2450-1 (samba)
            File : nvt/deb_2450_1.nasl
2012-04-23  Name : Fedora Update for samba FEDORA-2012-5805
            File : nvt/gb_fedora_2012_5805_samba_fc15.nasl
2012-04-16  Name : Fedora Update for samba FEDORA-2012-5843
            File : nvt/gb_fedora_2012_5843_samba_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

id           Description
2013-B-0131  Multiple Vulnerabilities in Samba
             Severity : Category I - VMSKEY : V0042303
2013-B-0082  Samba Denial of Service Vulnerability
             Severity : Category I - VMSKEY : V0039910
2012-A-0020  Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
             Severity : Category I - VMSKEY : V0031252

Snort® IPS/IDS

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date        Description
2018-01-03  Samba unsigned connections attempt
            RuleID : 45074 - Type : SERVER-SAMBA - Revision : 3
2018-01-03  Samba write command memory leak attempt
            RuleID : 45072 - Type : SERVER-SAMBA - Revision : 2
2018-01-03  Samba write and unlock command memory leak attempt
            RuleID : 45071 - Type : SERVER-SAMBA - Revision : 2
2018-01-03  Samba write and close command memory leak attempt
            RuleID : 45070 - Type : SERVER-SAMBA - Revision : 2
2018-01-03  Samba write andx command memory leak attempt
            RuleID : 45069 - Type : SERVER-SAMBA - Revision : 2
2016-09-13  DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt
            RuleID : 39875 - Type : NETBIOS - Revision : 2
2015-03-31  Samba WINS Server Name Registration handling stack buffer overflow attempt
            RuleID : 33582 - Type : SERVER-SAMBA - Revision : 3
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 23240 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22012 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22011 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22010 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22009 - Type : SERVER-SAMBA - Revision : 9
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22008 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22007 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22006 - Type : SERVER-SAMBA - Revision : 7
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22005 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 22004 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba malicious user defined array size and buffer attempt
            RuleID : 21806 - Type : SERVER-SAMBA - Revision : 8
2014-01-10  Samba username map script command injection attempt
            RuleID : 21164 - Type : SERVER-SAMBA - Revision : 6
2014-01-10  Samba SID parsing overflow attempt
            RuleID : 19007 - Type : SERVER-SAMBA - Revision : 8
2014-01-10  DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow att...
            RuleID : 18472 - Type : NETBIOS - Revision : 9
2014-01-10  Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overfl...
            RuleID : 18319 - Type : SERVER-SAMBA - Revision : 9
2014-01-10  NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap over...
            RuleID : 18314 - Type : SPECIFIC-THREATS - Revision : 4
2014-01-10  DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt
            RuleID : 18192 - Type : NETBIOS - Revision : 8
2014-01-10  DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt
            RuleID : 18191 - Type : NETBIOS - Revision : 8

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id          Description
2019-01-03  Name : The remote Fedora host is missing one or more security updates.
            File : fedora_2018-bc22d6c7bc.nasl - Type : ACT_GATHER_INFO
2018-12-20  Name : The remote Amazon Linux 2 host is missing a security update.
            File : al2_ALAS-2018-1126.nasl - Type : ACT_GATHER_INFO
2018-12-17  Name : The remote CentOS host is missing one or more security updates.
            File : centos_RHSA-2018-3056.nasl - Type : ACT_GATHER_INFO
2018-11-27  Name : The remote Virtuozzo host is missing a security update.
            File : Virtuozzo_VZLSA-2017-2789.nasl - Type : ACT_GATHER_INFO
2018-11-27  Name : The remote Virtuozzo host is missing a security update.
            File : Virtuozzo_VZLSA-2017-2791.nasl - Type : ACT_GATHER_INFO
2018-08-22  Name : The remote Fedora host is missing a security update.
            File : fedora_2018-8e4d871867.nasl - Type : ACT_GATHER_INFO
2018-08-20  Name : The remote Slackware host is missing a security update.
            File : Slackware_SSA_2018-229-02.nasl - Type : ACT_GATHER_INFO
2018-08-15  Name : The remote Debian host is missing a security-related update.
            File : debian_DSA-4271.nasl - Type : ACT_GATHER_INFO
2018-08-15  Name : The remote FreeBSD host is missing one or more security-related updates.
            File : freebsd_pkg_c4e9a4279fc211e8802a000c29a1e3ec.nasl - Type : ACT_GATHER_INFO
2018-01-15  Name : The remote Fedora host is missing a security update.
            File : fedora_2017-f0c18420e8.nasl - Type : ACT_GATHER_INFO
2017-12-14  Name : The remote openSUSE host is missing a security update.
            File : openSUSE-2017-1316.nasl - Type : ACT_GATHER_INFO
2017-12-01  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-3155-1.nasl - Type : ACT_GATHER_INFO
2017-11-13  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-2971-1.nasl - Type : ACT_GATHER_INFO
2017-11-08  Name : The remote Red Hat host is missing one or more security updates.
            File : redhat-RHSA-2017-3110.nasl - Type : ACT_GATHER_INFO
2017-10-18  Name : The remote Fedora host is missing a security update.
            File : fedora_2017-581be259ef.nasl - Type : ACT_GATHER_INFO
2017-10-16  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-2726-1.nasl - Type : ACT_GATHER_INFO
2017-10-13  Name : The remote Amazon Linux AMI host is missing a security update.
            File : ala_ALAS-2017-909.nasl - Type : ACT_GATHER_INFO
2017-10-13  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-2715-1.nasl - Type : ACT_GATHER_INFO
2017-10-12  Name : The remote openSUSE host is missing a security update.
            File : openSUSE-2017-1146.nasl - Type : ACT_GATHER_INFO
2017-10-12  Name : The remote openSUSE host is missing a security update.
            File : openSUSE-2017-1147.nasl - Type : ACT_GATHER_INFO
2017-10-12  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-2704-1.nasl - Type : ACT_GATHER_INFO
2017-10-11  Name : The remote SUSE host is missing one or more security updates.
            File : suse_SU-2017-2695-1.nasl - Type : ACT_GATHER_INFO
2017-10-10  Name : The remote EulerOS host is missing multiple security updates.
            File : EulerOS_SA-2017-1233.nasl - Type : ACT_GATHER_INFO
2017-10-10  Name : The remote EulerOS host is missing multiple security updates.
            File : EulerOS_SA-2017-1234.nasl - Type : ACT_GATHER_INFO
2017-10-06  Name : The remote Red Hat host is missing one or more security updates.
            File : redhat-RHSA-2017-2858.nasl - Type : ACT_GATHER_INFO