CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. | 6.5 |
Medium |
||
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. | 4.3 |
Medium |
||
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. | 5.5 |
Medium |
||
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | 7.5 |
High |
||
MaxQueryDuration not honoured in Samba AD DC LDAP | 6.5 |
Medium |
||
Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. | 9 |