Max CVSS | 4.3 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-16841 | 4.0 |
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validl
|
29-08-2022 - 20:04 | 28-11-2018 - 14:29 | |
CVE-2018-16851 | 4.0 |
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory obj
|
29-08-2022 - 20:03 | 28-11-2018 - 14:29 | |
CVE-2018-16852 | 3.5 |
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZO
|
09-10-2019 - 23:36 | 28-11-2018 - 14:29 | |
CVE-2018-16857 | 4.3 |
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this
|
09-10-2019 - 23:36 | 28-11-2018 - 14:29 | |
CVE-2018-16853 | 4.3 |
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samb
|
09-10-2019 - 23:36 | 28-11-2018 - 14:29 | |
CVE-2018-14629 | 4.0 |
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denia
|
09-10-2019 - 23:35 | 28-11-2018 - 14:29 |