Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Samba Number Of NVD 208 CRITICAL 6 HIGH 78 MEDIUM 106 LOW 18
URL https://www.samba.org/
Explanation Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License, the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and print services for all clients using the SMB/CIFS protocol, such as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix Servers and Desktops into Active Directory environments. It can function both as a domain controller or as a regular domain member.

Excerpted and translated from [https://www.samba.org/
Tag
  • GPL v3
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.samba.org/samba/history/
2 https://wiki.samba.org/index.php/Samba_Release_Planning
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
181 Samba 4.19 4.19.9 Oct. 17, 2024 Sept. 4, 2023 1 0 5 0
182 Samba 4.18 4.18.11 March 13, 2024 March 8, 2023 1 1 12 0
183 Samba 4.17 4.17.12 Oct. 10, 2023 Sept. 13, 2022 2 5 15 0
184 Samba 4.16 4.16.11 July 19, 2023 March 21, 2022 3 8 14 0
185 Samba 4.15 4.15.13 Dec. 15, 2022 Sept. 20, 2021 3 14 16 0
186 Samba 4.14 4.14.14 July 27, 2022 March 9, 2021 2 16 19 0
187 Samba 4.13 4.13.17 Jan. 31, 2022 Sept. 22, 2020 2 16 22 1
188 Samba 4.12 4.12.15 April 29, 2021 March 3, 2020 2 17 26 1
189 Samba 4.11 4.11.17 Dec. 3, 2020 Sept. 17, 2019 3 17 33 1
190 Samba 4.10 4.10.18 Sept. 18, 2019 March 19, 2019 3 18 38 1
191 Samba 4.9 4.9.18 Jan. 21, 2020 Sept. 13, 2018 Jan. 1, 2000 3 16 43 1
192 Samba 4.8 4.8.12 May 14, 2019 March 13, 2018 Jan. 1, 2000 2 18 40 1
193 Samba 4.7 4.7.12 Nov. 27, 2018 Sept. 20, 2017 Jan. 1, 2000 3 19 40 1
194 Samba 4.5 4.5.16 March 13, 2018 Sept. 7, 2016 Jan. 1, 2000 4 24 41 1
195 Samba 4.3 4.3.13 Dec. 19, 2016 Sept. 8, 2015 Jan. 1, 2000 4 30 49 1
196 Samba 4.2 4.22.1 April 17, 2025 March 4, 2015 Jan. 1, 2000 4 31 47 1
197 Samba 4.1 4.19.9 Oct. 17, 2024 Jan. 11, 2013 Jan. 1, 2000 5 34 52 6
198 Samba 4.0 4.0.26 May 6, 2015 Dec. 11, 2012 Jan. 1, 2000 4 34 53 7
199 Samba 3.6 3.6.25 Feb. 23, 2015 Aug. 9, 2011 Jan. 1, 2000 3 16 37 5
200 Samba 3.5 3.5.22 Aug. 5, 2013 March 1, 2010 Jan. 1, 2000 3 16 34 6
201 Samba 3.4 3.4.17 April 30, 2012 July 3, 2009 Jan. 1, 2000 2 15 37 8
202 Samba 3.3 3.3.16 July 26, 2011 Jan. 27, 2009 Jan. 1, 2000 2 16 35 8
203 Samba 3.2 3.2.15 Oct. 1, 2009 July 1, 2008 Jan. 1, 2000 2 17 37 7
204 Samba 3.0 3.0.37 Oct. 1, 2009 Sept. 24, 2003 Jan. 1, 2000 2 30 42 7
205 Samba 4.6 4.6.9 Aug. 14, 2018 Jan. 1, 2000 4 23 38 1
206 Samba 4.4 4.4.9 Sept. 20, 2017 Jan. 1, 2000 4 27 46 1
207 Samba 3.1 3.1.0 Jan. 1, 2000 2 15 24 5
208 Samba 2.2a 2.2a Jan. 1, 2000 2 12 18 4
209 Samba 2.2 2.2.12 Sept. 29, 2004 Jan. 1, 2000 2 20 20 5
210 Samba 2.18 2.18.3 Jan. 1, 2000 2 12 17 4
211 Samba 2.0 2.0.9 Jan. 1, 2000 2 23 22 7
212 Samba 1.9 1.9.18 Jan. 7, 1998 Jan. 1, 2000 2 13 20 5
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
181 -
5.0 		MEDIUM smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demons… NVD-CWE-Other
CVE-2004-0829 cpe:2.3:a:samba:samba:2.2.9:*
cpe:2.3:a:samba:samba:2.2.8a:*
cpe:2.3:a:samba:samba:2.2.8:*
cpe:2.3:a:samba:sam… 		2017-07-11 10:30
2004-12-31 		Show GitHub Exploit DB Packet Storm
182 -
6.4 		MEDIUM Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). NVD-CWE-Other
CVE-2004-2546 cpe:2.3:a:samba:samba:3.0.5:*
cpe:2.3:a:samba:samba:3.0.4:rc1
cpe:2.3:a:samba:samba:3.0.4:*
cpe:2.3:a:samba:sa… 		2018-10-31 01:25
2004-12-31 		Show GitHub Exploit DB Packet Storm
183 -
9.3 		HIGH distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed … CWE-16
Configuration 		CVE-2004-2687 cpe:2.3:a:samba:samba:*:* 2.18.3 2008-09-5 13:00
2004-12-31 		Show GitHub Exploit DB Packet Storm
184 -
7.5 		HIGH The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified s… NVD-CWE-Other
CVE-2004-0815 cpe:2.3:a:samba:samba:3.0.2a:*
cpe:2.3:a:samba:samba:3.0.2:*
cpe:2.3:a:samba:samba:3.0.1:*
cpe:2.3:a:samba:sam… 		2018-10-31 01:25
2004-11-3 		Show GitHub Exploit DB Packet Storm
185 -
5.0 		MEDIUM Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an i… NVD-CWE-Other
CVE-2004-0807 cpe:2.3:a:samba:samba:3.0.6:*
cpe:2.3:a:samba:samba:3.0.5:*
cpe:2.3:a:samba:samba:3.0.4:rc1
cpe:2.3:a:samba:sa… 		2017-10-11 10:29
2004-09-13 		Show GitHub Exploit DB Packet Storm
186 -
10.0 		HIGH Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. NVD-CWE-Other
CVE-2004-0600 cpe:2.3:a:samba:samba:3.0.4:*
cpe:2.3:a:samba:samba:3.0.3:*
cpe:2.3:a:samba:samba:3.0.2a:*
cpe:2.3:a:samba:sam… 		2017-10-11 10:29
2004-07-27 		Show GitHub Exploit DB Packet Storm
187 -
5.0 		MEDIUM Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. NVD-CWE-Other
CVE-2004-0686 cpe:2.3:a:samba:samba:*:* 2.2.0
3.0.0

2.2.10
3.0.5 		2022-08-30 05:04
2004-07-27 		Show GitHub Exploit DB Packet Storm
188 -
7.2 		HIGH smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are … NVD-CWE-Other
CVE-2004-0186 cpe:2.3:a:samba:samba:3.0.0:*
cpe:2.3:a:samba:samba:2.0:* 		2017-10-10 10:30
2004-03-15 		Show GitHub Exploit DB Packet Storm
189 -
7.5 		HIGH The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could … NVD-CWE-Other
CVE-2004-0082 cpe:2.3:a:samba:samba:3.0.1:*
cpe:2.3:a:samba:samba:3.0.0:* 		2018-10-31 01:25
2004-03-3 		Show GitHub Exploit DB Packet Storm
190 -
7.5 		HIGH Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-… NVD-CWE-Other
CVE-2003-1332 cpe:2.3:a:samba:samba:*:* 2.2.7a 2017-07-29 10:29
2003-12-31 		Show GitHub Exploit DB Packet Storm