Max CVSS 6.5 Min CVSS 4.0 Total Count8
IDCVSSSummaryLast (major) updatePublished
CVE-2018-16857 None
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-16853 None
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samb
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-16852 None
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZO
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-16851 None
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory obj
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-16841 None
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validl
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-14629 None
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denia
28-11-2018 - 09:29 28-11-2018 - 09:29
CVE-2018-10919 4.0
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Sa
22-08-2018 - 13:29 22-08-2018 - 13:29
CVE-2018-10858 6.5
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and
22-08-2018 - 13:29 22-08-2018 - 13:29
Back to Top Mark selected
Back to Top