Information on source package samba

Available versions

ReleaseVersion
jessie2:4.2.14+dfsg-0+deb8u16
stretch2:4.5.16+dfsg-1+deb9u5
stretch (security)2:4.5.16+dfsg-1+deb9u4
buster2:4.9.5+dfsg-5+deb10u5
bullseye2:4.13.13+dfsg-1~deb11u6
bookworm2:4.17.12+dfsg-0+deb12u1
trixie2:4.21.1+dfsg-2
sid2:4.21.1+dfsg-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-42670vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedA flaw was found in Samba. It is susceptible to a vulnerability where ...
CVE-2023-42669vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA vulnerability was found in Samba's "rpcecho" development server, a n ...
CVE-2023-34968vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA path disclosure vulnerability was found in Samba. As part of the Spo ...
CVE-2023-34967vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA Type Confusion vulnerability was found in Samba's mdssvc RPC service ...
CVE-2023-34966vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedAn infinite loop vulnerability was found in Samba's mdssvc RPC service ...
CVE-2023-4154vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA design flaw was found in Samba's DirSync control implementation, whi ...
CVE-2023-0922vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedThe Samba AD DC administration tool, when operating against a remote L ...
CVE-2023-0614vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedThe fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confident ...
CVE-2023-0225vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA flaw was found in Samba. An incomplete access check on dnsHostName a ...
CVE-2022-45141vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedSince the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerabili ...
CVE-2022-44640vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedHeimdal before 7.7.1 allows remote attackers to execute arbitrary code ...
CVE-2022-42898vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedPAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x befo ...
CVE-2022-38023vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedNetlogon RPC Elevation of Privilege Vulnerability
CVE-2022-37967vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedWindows Kerberos Elevation of Privilege Vulnerability
CVE-2022-37966vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedWindows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVE-2022-32746vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in the Samba AD LDAP server. The AD DC database audit ...
CVE-2022-32744vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in Samba. The KDC accepts kpasswd requests encrypted ...
CVE-2022-32743vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedSamba does not validate the Validated-DNS-Host-Name right for the dNSH ...
CVE-2022-2031vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in Samba. The security vulnerability occurs when KDC ...
CVE-2022-1615fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedIn Samba, GnuTLS gnutls_rnd() can fail and give predictable random val ...
CVE-2022-0336vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedThe Samba AD DC includes checks when adding service principals names ( ...
CVE-2021-44141vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedAll versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ...
CVE-2021-43566vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedAll versions of Samba prior to 4.13.16 are vulnerable to a malicious c ...
CVE-2021-20316vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA flaw was found in the way Samba handled file/directory metadata. Thi ...
CVE-2021-20254fixedfixedvulnerable (no DSA)fixedfixedfixedfixedA flaw was found in samba. The Samba smbd file server must map Windows ...
CVE-2021-20251vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA flaw was found in samba. A race condition in the password lockout co ...
CVE-2021-3738vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedIn DCE/RPC it is possible to share the handles (cookies for resource s ...
CVE-2021-3671vulnerable (no DSA, ignored)vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedfixedA null pointer de-reference was found in the way samba kerberos server ...
CVE-2021-3670vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedMaxQueryDuration not honoured in Samba AD DC LDAP
CVE-2020-25722vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedMultiple flaws were found in the way samba AD DC implemented access an ...
CVE-2020-25721vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedKerberos acceptors need easy access to stable AD identifiers (eg objec ...
CVE-2020-25720vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA vulnerability was found in Samba where a delegated administrator wit ...
CVE-2020-25719vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in the way Samba, as an Active Directory Domain Contr ...
CVE-2020-25718vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in the way samba, as an Active Directory Domain Contr ...
CVE-2020-25717vulnerablefixedfixedfixedfixedfixedfixedA flaw was found in the way Samba maps domain users to local users. An ...
CVE-2020-14303fixedfixedvulnerable (no DSA, postponed)fixedfixedfixedfixedA flaw was found in the AD DC NBT server in all Samba versions before ...
CVE-2020-10760fixedfixedvulnerable (no DSA, postponed)fixedfixedfixedfixedA use-after-free flaw was found in all samba LDAP server versions befo ...
CVE-2020-10745fixedfixedvulnerable (no DSA, postponed)fixedfixedfixedfixedA flaw was found in all Samba versions before 4.10.17, before 4.11.11 ...
CVE-2020-10730fixedfixedvulnerable (no DSA, postponed)fixedfixedfixedfixedA NULL pointer dereference, or possible use-after-free flaw was found ...
CVE-2020-10704fixedfixedvulnerable (no DSA, postponed)fixedfixedfixedfixedA flaw was found when using samba as an Active Directory Domain Contro ...
CVE-2020-1472fixedfixedvulnerable (no DSA)fixedfixedfixedfixedAn elevation of privilege vulnerability exists when an attacker establ ...
CVE-2019-14907vulnerable (no DSA)fixedfixedfixedfixedfixedfixedAll samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11 ...
CVE-2019-14902vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedThere is an issue in all samba 4.11.x versions before 4.11.5, all samb ...
CVE-2019-14870vulnerable (no DSA)fixedvulnerable (no DSA, ignored)fixedfixedfixedfixedAll Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ...
CVE-2019-14861vulnerable (no DSA)fixedvulnerable (no DSA, ignored)fixedfixedfixedfixedAll Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ...
CVE-2019-14847vulnerable (no DSA)fixedfixedfixedfixedfixedfixedA flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x b ...
CVE-2019-14833vulnerable (no DSA)fixedfixedfixedfixedfixedfixedA flaw was found in Samba, all versions starting samba 4.5.0 before sa ...
CVE-2019-10218vulnerable (no DSA)fixedfixedfixedfixedfixedfixedA flaw was found in the samba client, all samba versions before samba ...
CVE-2018-14628vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, postponed)fixedfixedAn information leak vulnerability was discovered in Samba's LDAP serve ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-20277vulnerablevulnerablevulnerablevulnerablefixedfixedfixedA flaw was found in Samba's libldb. Multiple, consecutive leading spac ...
CVE-2020-27840vulnerablevulnerablevulnerablevulnerablefixedfixedfixedA flaw was found in samba. Spaces used in a string around a domain nam ...
CVE-2019-3824vulnerablevulnerablefixedfixedfixedfixedfixedA flaw was found in the way an LDAP search expression could crash the ...

Resolved issues

BugDescription
TEMP-0514151-B17364samba: Account locking out doesnt work with an LDAP backend
CVE-2023-5568A heap-based Buffer Overflow flaw was discovered in Samba. It could al ...
CVE-2023-4091A vulnerability was discovered in Samba, where the flaw allows SMB cli ...
CVE-2023-3961A path traversal vulnerability was identified in Samba when processing ...
CVE-2023-3347A vulnerability was found in Samba's SMB2 packet signing mechanism. Th ...
CVE-2022-32745A flaw was found in Samba. Samba AD users can cause the server to acce ...
CVE-2022-32742A flaw was found in Samba. Some SMB1 write requests were not correctly ...
CVE-2022-3592A symlink following vulnerability was found in Samba, where a user can ...
CVE-2022-3437A heap-based buffer overflow vulnerability was found in Samba within t ...
CVE-2022-2127An out-of-bounds read vulnerability was found in Samba due to insuffic ...
CVE-2021-44142The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ...
CVE-2021-23192A flaw was found in the way samba implemented DCE/RPC. If a client to ...
CVE-2020-14383A flaw was found in samba's DNS server. An authenticated user could us ...
CVE-2020-14323A null pointer dereference flaw was found in samba's Winbind service i ...
CVE-2020-14318A flaw was found in the way samba handled file and directory permissio ...
CVE-2020-10700A use-after-free flaw was found in the way samba AD DC LDAP servers, h ...
CVE-2019-19344There is a use-after-free issue in all samba 4.9.x versions before 4.9 ...
CVE-2019-12436Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to ...
CVE-2019-12435Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer d ...
CVE-2019-10197A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up ...
CVE-2019-3880A flaw was found in the way samba implemented an RPC endpoint emulatin ...
CVE-2019-3870A vulnerability was found in Samba from version (including) 4.9 to ver ...
CVE-2018-16860A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x ...
CVE-2018-16857Samba from version 4.9.0 and before version 4.9.3 that have AD DC conf ...
CVE-2018-16853Samba from version 4.7.0 has a vulnerability that allows a user in a S ...
CVE-2018-16852Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a N ...
CVE-2018-16851Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is v ...
CVE-2018-16841Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 a ...
CVE-2018-14629A denial of service vulnerability was discovered in Samba's LDAP serve ...
CVE-2018-10919The Samba Active Directory LDAP server was vulnerable to an informatio ...
CVE-2018-10918A null pointer dereference flaw was found in the way samba checked dat ...
CVE-2018-10858A heap-buffer overflow was found in the way samba clients processed ex ...
CVE-2018-1140A missing input sanitization flaw was found in the implementation of L ...
CVE-2018-1139A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the u ...
CVE-2018-1057On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 ...
CVE-2018-1050All versions of Samba from 4.0.0 onwards are vulnerable to a denial of ...
CVE-2017-15275Samba before 4.7.3 might allow remote attackers to obtain sensitive in ...
CVE-2017-15087It was discovered that the fix for CVE-2017-12163 was not properly shi ...
CVE-2017-15086It was discovered that the fix for CVE-2017-12151 was not properly shi ...
CVE-2017-15085It was discovered that the fix for CVE-2017-12150 was not properly shi ...
CVE-2017-14746Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote a ...
CVE-2017-12163An information leak flaw was found in the way SMB1 protocol was implem ...
CVE-2017-12151A flaw was found in the way samba client before samba 4.4.16, samba 4. ...
CVE-2017-12150It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x ...
CVE-2017-11103Heimdal before 7.4 allows remote attackers to impersonate services wit ...
CVE-2017-9461smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of ser ...
CVE-2017-7494Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulne ...
CVE-2017-2619Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a mali ...
CVE-2016-2126Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation d ...
CVE-2016-2125It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always re ...
CVE-2016-2124A flaw was found in the way samba implemented SMB1 authentication. An ...
CVE-2016-2123A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ...
CVE-2016-2119libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3 ...
CVE-2016-2118The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x ...
CVE-2016-2115Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...
CVE-2016-2114The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x bef ...
CVE-2016-2113Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 do ...
CVE-2016-2112The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4. ...
CVE-2016-2111The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before ...
CVE-2016-2110The NTLMSSP authentication implementation in Samba 3.x and 4.x before ...
CVE-2016-0771The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9 ...
CVE-2015-8467The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_m ...
CVE-2015-7560The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4. ...
CVE-2015-7540The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 ...
CVE-2015-5370Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before ...
CVE-2015-5330ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4 ...
CVE-2015-5299The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_c ...
CVE-2015-5296Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before ...
CVE-2015-5252vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, ...
CVE-2015-3223The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, ...
CVE-2015-0240The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x be ...
CVE-2014-8143Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc ...
CVE-2014-3560NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4 ...
CVE-2014-3493The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x be ...
CVE-2014-0244The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x ...
CVE-2014-0239The internal DNS server in Samba 4.x before 4.0.18 does not check the ...
CVE-2014-0178Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1. ...
CVE-2013-6442The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before ...
CVE-2013-4496Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 d ...
CVE-2013-4476Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is ...
CVE-2013-4475Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1. ...
CVE-2013-4408Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done functi ...
CVE-2013-4124Integer overflow in the read_nttrans_ea_list function in nttrans.c in ...
CVE-2013-0454The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IB ...
CVE-2013-0214Cross-site request forgery (CSRF) vulnerability in the Samba Web Admin ...
CVE-2013-0213The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3 ...
CVE-2013-0172Samba 4.0.x before 4.0.1, in certain Active Directory domain-controlle ...
CVE-2012-6150The winbind_name_list_to_sid_string_list function in nsswitch/pam_winb ...
CVE-2012-2111The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) ...
CVE-2012-1182The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14 ...
CVE-2012-0870Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used ...
CVE-2012-0817Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attacker ...
CVE-2011-3585Multiple race conditions in the (1) mount.cifs and (2) umount.cifs pro ...
CVE-2011-2724The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ...
CVE-2011-2694Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...
CVE-2011-2522Multiple cross-site request forgery (CSRF) vulnerabilities in the Samb ...
CVE-2011-1678smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to app ...
CVE-2011-0719Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 d ...
CVE-2010-3069Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse ...
CVE-2010-2063Buffer overflow in the SMB1 packet chaining implementation in the chai ...
CVE-2010-1642The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Sa ...
CVE-2010-1635The chain_reply function in process.c in smbd in Samba before 3.4.8 an ...
CVE-2010-0926The default configuration of smbd in Samba before 3.3.11, 3.4.x before ...
CVE-2010-0787client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3 ...
CVE-2010-0728smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled ...
CVE-2010-0547client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier ...
CVE-2009-2948mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3 ...
CVE-2009-2906smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, ...
CVE-2009-2813Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.1 ...
CVE-2009-1888The acl_group_override function in smbd/posix_acls.c in smbd in Samba ...
CVE-2009-1886Multiple format string vulnerabilities in client/client.c in smbclient ...
CVE-2009-0022Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows re ...
CVE-2008-4314smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to rea ...
CVE-2008-3789Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb ...
CVE-2008-1105Heap-based buffer overflow in the receive_smb_raw function in util/soc ...
CVE-2007-6015Stack-based buffer overflow in the send_mailslot function in nmbd in S ...
CVE-2007-5398Stack-based buffer overflow in the reply_netbios_packet function in nm ...
CVE-2007-4572Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, wh ...
CVE-2007-4138The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in ...
CVE-2007-2447The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allo ...
CVE-2007-2446Multiple heap-based buffer overflows in the NDR parsing in smbd in Sam ...
CVE-2007-2444Logic error in the SID/Name translation functionality in smbd in Samba ...
CVE-2007-2407The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows fi ...
CVE-2007-0454Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 ...
CVE-2007-0453Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 throug ...
CVE-2007-0452smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users ...
CVE-2006-3403The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows ...
CVE-2006-1059The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trus ...
CVE-2004-2546Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a ...
CVE-2004-1154Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x thr ...
CVE-2004-0930The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other ve ...
CVE-2004-0882Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x th ...
CVE-2004-0829smbd in Samba before 2.2.11 allows remote attackers to cause a denial ...
CVE-2004-0815The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x ...
CVE-2004-0808The process_logon_packet function in the nmbd server for Samba 3.0.6 a ...
CVE-2004-0807Samba 3.0.6 and earlier allows remote attackers to cause a denial of s ...
CVE-2004-0686Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...
CVE-2004-0600Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3 ...
CVE-2004-0186smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allow ...
CVE-2004-0082The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1 ...
CVE-2003-1332Stack-based buffer overflow in the reply_nttrans function in Samba 2.2 ...
CVE-2003-0201Buffer overflow in the call_trans2open function in trans2.c for Samba ...
CVE-2003-0196Multiple buffer overflows in Samba before 2.2.8a may allow remote atta ...
CVE-2003-0086The code for writing reg files in Samba before 2.2.8 allows local user ...
CVE-2003-0085Buffer overflow in the SMB/CIFS packet fragment re-assembly code for S ...
CVE-2002-2196Samba before 2.2.5 does not properly terminate the enum_csc_policy dat ...
CVE-2002-1318Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers t ...

Security announcements

DSA / DLADescription
ELA-1212-1samba - security update
ELA-1203-1samba - security update
DLA-3792-1samba - security update
DSA-5647-1samba - security update
DSA-5525-1samba - security update
DLA-3563-1samba - security update
DSA-5477-1samba - security update
DSA-5205-1samba - security update
DSA-5071-1samba - security update
DSA-5015-1samba - security update
DSA-5003-1samba - security update
DLA-2668-1samba - security update
ELA-422-1samba - security update
DLA-2463-1samba - security update
ELA-317-1samba - security update
DSA-4513-1samba - security update
DLA-1788-1samba - security update
DSA-4443-1samba - security update
DLA-1754-1samba - security update
ELA-104-1samba - security update
DSA-4427-1samba - security update
DLA-1607-1samba - security update
ELA-66-1samba - security update
DSA-4345-1samba - security update
DLA-1539-1samba - security update
ELA-35-1samba - security update
DSA-4271-1samba - security update
DLA-1320-1samba - security update
DSA-4135-1samba - security update
DSA-4043-1samba - security update
DLA-1183-1samba - security update
DLA-1110-1samba - security update
DSA-3983-1samba - security update
DSA-3909-1samba - security update
DSA-3860-1samba - security update
DLA-951-1samba - security update
DLA-894-1samba - security update
DSA-3816-2samba - regression update
DSA-3816-1samba - security update
DLA-776-1samba - security update
DSA-3740-1samba - security update
DLA-509-1samba - security update
DSA-3548-3samba - regression update
DSA-3548-2samba - regression update
DSA-3548-1samba - security update
DSA-3514-1samba - security update
DSA-3433-1samba - security update
DLA-379-1samba - security update
DSA-3171-1samba - security update
DLA-156-1samba - security update
DSA-2966-1samba - security update
DSA-2812-1samba - several
DSA-2617-1samba - several issues
DSA-2463-1samba - missing permission checks
DSA-2450-1samba - privilege escalation
DSA-2290-1samba - cross-side scripting
DSA-2175-1samba - missing input sanisiting
DSA-2109-1samba - buffer overflow
DSA-2061-1samba - arbitrary code execution
DSA-2004-1samba - several vulnerabilities
DSA-1908-1samba - several vulnerabilities
DSA-1823-1samba - several vulnerabilities
DSA-1590-1samba - arbitrary code execution
DSA-1427-1samba - buffer overflow
DSA-1409-3samba - several vulnerabilities (update)
DSA-1409-2samba - several vulnerabilities
DSA-1409-1samba - several vulnerabilities
DSA-1291-2samba
DSA-1257samba
DSA-1110samba - missing input sanitising
DSA-701-1samba - integer overflows
DSA-600-1samba - arbitrary file access
DSA-463samba - privilege escalation
DSA-280samba - buffer overflow
DSA-262samba - remote exploit
DSA-200samba - remote exploit

Search for package or bug name: Reporting problems