This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:samba:samba:3.0.2a
Detail
VendorSambaFirst view 2004-07-27
ProductSambaLast view2019-04-09
Version3.0.2aTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:samba:samba

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
5.52019-04-09CVE-2019-3880NetworkLowRequires ...
42019-03-06CVE-2019-3824NetworkLowRequires ...
4.32018-08-22CVE-2018-1139NetworkMediumNone Requ...
6.52018-08-22CVE-2018-10858NetworkLowRequires ...
5.82018-07-27CVE-2017-12151NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.82018-07-26CVE-2017-12163Adjacent ...LowNone Requ...
5.82018-07-26CVE-2017-12150NetworkMediumNone Requ...
6.82017-06-06CVE-2017-9461NetworkLowRequires ...
4.32016-04-24CVE-2016-2115NetworkMediumNone Requ...
4.32016-04-24CVE-2016-2112NetworkMediumNone Requ...
4.32016-04-24CVE-2016-2111Adjacent ...MediumNone Requ...
4.32016-04-24CVE-2016-2110NetworkMediumNone Requ...
6.82016-04-12CVE-2016-2118NetworkMediumNone Requ...
42016-03-13CVE-2015-7560NetworkLowRequires ...
52015-12-29CVE-2015-5299NetworkLowNone Requ...
4.32015-12-29CVE-2015-5296NetworkMediumNone Requ...
52014-03-14CVE-2013-4496NetworkLowNone Requ...
8.32013-12-10CVE-2013-4408Adjacent ...LowNone Requ...
3.62013-12-03CVE-2012-6150NetworkHighRequires ...
42013-11-13CVE-2013-4475NetworkHighNone Requ...
52013-08-05CVE-2013-4124NetworkLowNone Requ...
42013-03-26CVE-2013-0454NetworkLowRequires ...
5.12013-02-02CVE-2013-0214NetworkHighNone Requ...
5.12013-02-02CVE-2013-0213NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
26% (10)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (6)CWE-20Improper Input Validation
13% (5)CWE-254Security Features
10% (4)CWE-264Permissions, Privileges, and Access Controls
5% (2)CWE-352Cross-Site Request Forgery (CSRF)
Hide | Show 9 More...
%idName
5% (2)CWE-200Information Exposure
5% (2)CWE-189Numeric Errors
2% (1)CWE-522Insufficiently Protected Credentials
2% (1)CWE-310Cryptographic Issues
2% (1)CWE-284Access Control (Authorization) Issues
2% (1)CWE-275Permission Issues
2% (1)CWE-255Credentials Management
2% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-47Buffer Overflow via Parameter Expansion

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:21206RHSA-2013:1806: samba and samba3x security update (Important)
oval:org.mitre.oval:def:20821DSA-2812-1 samba - several
oval:org.mitre.oval:def:20652USN-2054-1 -- samba vulnerabilities
oval:org.mitre.oval:def:23855ELSA-2013:1806: samba and samba3x security update (Important)
oval:org.mitre.oval:def:23482DEPRECATED: ELSA-2013:1806: samba and samba3x security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:25148SUSE-SU-2014:0024-1 -- Security update for Samba
oval:org.mitre.oval:def:26318SUSE-SU-2014:0839-1 -- Security update for Samba
oval:org.mitre.oval:def:27279DEPRECATED: ELSA-2013-1806 -- samba and samba3x security update (important)
oval:org.mitre.oval:def:642HP-Samba DACL Remote Integer Overflow Vulnerability (CIFS A.02)
oval:org.mitre.oval:def:1459HP-Samba DACL Remote Integer Overflow Vulnerability (CIFS A.01)
oval:org.mitre.oval:def:10236Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3....
oval:org.mitre.oval:def:24260RHSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:24242USN-2156-1 -- samba vulnerability
oval:org.mitre.oval:def:24559ELSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:24494DEPRECATED: ELSA-2014:0330: samba and samba3x security update (Moderate)
oval:org.mitre.oval:def:25152SUSE-SU-2014:0497-1 -- Security update for Samba
oval:org.mitre.oval:def:25353SUSE-SU-2014:0901-1 -- Security update for Samba
oval:org.mitre.oval:def:26958DEPRECATED: ELSA-2014-0330 -- samba and samba3x security update (moderate)
oval:org.mitre.oval:def:9944smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4...
oval:org.mitre.oval:def:7090smbd DOS vulnerability via unanticipated oplock break notification reply packet
oval:org.mitre.oval:def:7515DSA-2004 samba -- several vulnerabilities
oval:org.mitre.oval:def:20631VMware ESXi and ESX updates to third party library and ESX Service Console
oval:org.mitre.oval:def:13168DSA-2004-1 samba -- several
oval:org.mitre.oval:def:20644VMware ESXi and ESX updates to third party library and ESX Service Console
oval:org.mitre.oval:def:21898RHSA-2011:0305: samba security update (Important)

SAINT Exploits

DescriptionLink
Samba lsa_io_trans_names buffer overflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
74872Samba smbfs mount.cifs / umount.cifs RLIMIT_FSIZE Value Handling mtab Local C...
74871Samba mount.cifs Tool Share / Directory Name Newline Injection mtab Corruptio...
74072Samba SWAT Change Password Page user Field XSS
74071Samba SWAT Multiple Function CSRF
71268Samba FD_SET Macro Memory Corruption
Hide | Show 20 More...
idDescription
67994Samba sid_parse() Function SID Parsing Remote Overflow
65518Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption
65436Samba smbd sesssetup.c Session Setup AndX Security Blob Length Value Uninitia...
65435Samba smbd process.c chain_reply Function Session Setup AndX Request NULL Der...
62155Samba smbfs mount.cifs client/mount.cifs.c Crafted String mtab Corruption Loc...
58520Samba SUID mount.cifs --verbose Argument Arbitrary File Portion Disclosure
58519Samba smbd Crafted SMB Request Remote CPU Consumption DoS
55411Samba smbd/posix_acls.c acl_group_override Function Remote Access Control Lis...
39191Samba nmdb send_mailslot() Function GETDC mailslot Request Remote Overflow
39180Samba nmbd Crafted GETDC mailslot Request Remote Overflow
39179Samba nmbd nmbd/nmbd_packets.c reply_netbios_packet Function Remote Overflow
34733Samba DFS RPC Interface DFSEnum Request Remote Overflow
34732Samba SPOOLSS RPC Interface RFNPCNEX Request Remote Overflow
34731Samba SRVSVC RPC Interface NetSetFileSecurity Request Remote Overflow
34700Samba Unfiltered MS-RPC Calls Arbitrary Remote Command Execution
34699Samba LSA RPC Interface Multiple Function Remote Overflow
23282Samba Unspecified Remote Memory Leak Information Disclosure
12422Samba smbd Security Descriptor Parsing Remote Overflow
11782Samba QFILEPATHINFO Unicode Filename Request Handler Overflow
10990HP CIFS Server Arbitrary File Access

ExploitDB Exploits

idDescription
27778Samba nttrans Reply - Integer Overflow Vulnerability
17577SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC
16320Samba "username map script" Command Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-13Name : SuSE Update for update openSUSE-SU-2012:0507-1 (update)
File : nvt/gb_suse_2012_0507_1.nasl
2012-09-10Name : Slackware Advisory SSA:2011-210-03 samba
File : nvt/esoft_slk_ssa_2011_210_03.nasl
2012-08-30Name : Fedora Update for samba FEDORA-2012-5793
File : nvt/gb_fedora_2012_5793_samba_fc17.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-22 (Samba)
File : nvt/glsa_201206_22.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-29 (mount-cifs)
File : nvt/glsa_201206_29.nasl
Hide | Show 20 More...
idDescription
2012-08-03Name : Mandriva Update for samba MDVSA-2012:055 (samba)
File : nvt/gb_mandriva_MDVSA_2012_055.nasl
2012-08-02Name : SuSE Update for samba openSUSE-SU-2012:0508-1 (samba)
File : nvt/gb_suse_2012_0508_1.nasl
2012-07-30Name : CentOS Update for libsmbclient CESA-2011:1219 centos5 x86_64
File : nvt/gb_CESA-2011_1219_libsmbclient_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for samba CESA-2011:1219 centos4 x86_64
File : nvt/gb_CESA-2011_1219_samba_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for samba3x CESA-2011:1220 centos5 x86_64
File : nvt/gb_CESA-2011_1220_samba3x_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for libsmbclient CESA-2011:0305 centos5 x86_64
File : nvt/gb_CESA-2011_0305_libsmbclient_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for samba3x CESA-2011:0306 centos5 x86_64
File : nvt/gb_CESA-2011_0306_samba3x_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for libsmbclient CESA-2012:0465 centos5
File : nvt/gb_CESA-2012_0465_libsmbclient_centos5.nasl
2012-07-30Name : CentOS Update for libsmbclient CESA-2012:0465 centos6
File : nvt/gb_CESA-2012_0465_libsmbclient_centos6.nasl
2012-07-30Name : CentOS Update for samba3x CESA-2012:0466 centos5
File : nvt/gb_CESA-2012_0466_samba3x_centos5.nasl
2012-07-09Name : RedHat Update for samba and cifs-utils RHSA-2011:1221-01
File : nvt/gb_RHSA-2011_1221-01_samba_and_cifs-utils.nasl
2012-05-18Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-05-17Name : Fedora Update for samba4 FEDORA-2012-6382
File : nvt/gb_fedora_2012_6382_samba4_fc16.nasl
2012-05-04Name : Fedora Update for samba4 FEDORA-2012-6349
File : nvt/gb_fedora_2012_6349_samba4_fc15.nasl
2012-05-04Name : Fedora Update for samba FEDORA-2012-6999
File : nvt/gb_fedora_2012_6999_samba_fc15.nasl
2012-05-04Name : Fedora Update for samba FEDORA-2012-7006
File : nvt/gb_fedora_2012_7006_samba_fc16.nasl
2012-04-30Name : FreeBSD Ports: samba34
File : nvt/freebsd_samba342.nasl
2012-04-30Name : Debian Security Advisory DSA 2450-1 (samba)
File : nvt/deb_2450_1.nasl
2012-04-23Name : Fedora Update for samba FEDORA-2012-5805
File : nvt/gb_fedora_2012_5805_samba_fc15.nasl
2012-04-16Name : Fedora Update for samba FEDORA-2012-5843
File : nvt/gb_fedora_2012_5843_samba_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0131Multiple Vulnerabilities in Samba
Severity : Category I - VMSKEY : V0042303
2013-B-0082Samba Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0039910
2012-A-0020Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4674 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4673 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4672 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4671 - Type : NETBIOS - Revision : 4
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4670 - Type : NETBIOS - Revision : 3
Hide | Show 20 More...
DateDescription
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4669 - Type : NETBIOS - Revision : 3
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4668 - Type : NETBIOS - Revision : 3
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4667 - Type : NETBIOS - Revision : 3
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4666 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4665 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4664 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4663 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4662 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4661 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4660 - Type : NETBIOS - Revision : 4
2014-01-10SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4659 - Type : NETBIOS - Revision : 4
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4658 - Type : NETBIOS - Revision : 3
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4657 - Type : NETBIOS - Revision : 3
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4656 - Type : NETBIOS - Revision : 3
2014-01-10SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4655 - Type : NETBIOS - Revision : 3
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4654 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4653 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4652 - Type : NETBIOS - Revision : 2
2014-01-10SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4651 - Type : NETBIOS - Revision : 2
2018-01-03Samba unsigned connections attempt
RuleID : 45074 - Type : SERVER-SAMBA - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-bc22d6c7bc.nasl - Type : ACT_GATHER_INFO
2018-12-20Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1126.nasl - Type : ACT_GATHER_INFO
2018-12-17Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-3056.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2789.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2791.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-08-22Name : The remote Fedora host is missing a security update.
File : fedora_2018-8e4d871867.nasl - Type : ACT_GATHER_INFO
2018-08-20Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-229-02.nasl - Type : ACT_GATHER_INFO
2018-08-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4271.nasl - Type : ACT_GATHER_INFO
2018-08-15Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c4e9a4279fc211e8802a000c29a1e3ec.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-f0c18420e8.nasl - Type : ACT_GATHER_INFO
2017-12-14Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1316.nasl - Type : ACT_GATHER_INFO
2017-12-01Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-3155-1.nasl - Type : ACT_GATHER_INFO
2017-11-13Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2971-1.nasl - Type : ACT_GATHER_INFO
2017-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-3110.nasl - Type : ACT_GATHER_INFO
2017-10-18Name : The remote Fedora host is missing a security update.
File : fedora_2017-581be259ef.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2726-1.nasl - Type : ACT_GATHER_INFO
2017-10-13Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-909.nasl - Type : ACT_GATHER_INFO
2017-10-13Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2715-1.nasl - Type : ACT_GATHER_INFO
2017-10-12Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1146.nasl - Type : ACT_GATHER_INFO
2017-10-12Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1147.nasl - Type : ACT_GATHER_INFO
2017-10-12Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2704-1.nasl - Type : ACT_GATHER_INFO
2017-10-11Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2695-1.nasl - Type : ACT_GATHER_INFO
2017-10-10Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1233.nasl - Type : ACT_GATHER_INFO
2017-10-10Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1234.nasl - Type : ACT_GATHER_INFO
2017-10-06Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2858.nasl - Type : ACT_GATHER_INFO