Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Samba Number Of NVD 208 CRITICAL 6 HIGH 78 MEDIUM 106 LOW 18
URL https://www.samba.org/
Explanation Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License, the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and print services for all clients using the SMB/CIFS protocol, such as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix Servers and Desktops into Active Directory environments. It can function both as a domain controller or as a regular domain member.

Excerpted and translated from [https://www.samba.org/
Tag
  • GPL v3
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.samba.org/samba/history/
2 https://wiki.samba.org/index.php/Samba_Release_Planning
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
191 Samba 4.19 4.19.9 Oct. 17, 2024 Sept. 4, 2023 1 0 5 0
192 Samba 4.18 4.18.11 March 13, 2024 March 8, 2023 1 1 12 0
193 Samba 4.17 4.17.12 Oct. 10, 2023 Sept. 13, 2022 2 5 15 0
194 Samba 4.16 4.16.11 July 19, 2023 March 21, 2022 3 8 14 0
195 Samba 4.15 4.15.13 Dec. 15, 2022 Sept. 20, 2021 3 14 16 0
196 Samba 4.14 4.14.14 July 27, 2022 March 9, 2021 2 16 19 0
197 Samba 4.13 4.13.17 Jan. 31, 2022 Sept. 22, 2020 2 16 22 1
198 Samba 4.12 4.12.15 April 29, 2021 March 3, 2020 2 17 26 1
199 Samba 4.11 4.11.17 Dec. 3, 2020 Sept. 17, 2019 3 17 33 1
200 Samba 4.10 4.10.18 Sept. 18, 2019 March 19, 2019 3 18 38 1
201 Samba 4.9 4.9.18 Jan. 21, 2020 Sept. 13, 2018 Jan. 1, 2000 3 16 43 1
202 Samba 4.8 4.8.12 May 14, 2019 March 13, 2018 Jan. 1, 2000 2 18 40 1
203 Samba 4.7 4.7.12 Nov. 27, 2018 Sept. 20, 2017 Jan. 1, 2000 3 19 40 1
204 Samba 4.5 4.5.16 March 13, 2018 Sept. 7, 2016 Jan. 1, 2000 4 24 41 1
205 Samba 4.3 4.3.13 Dec. 19, 2016 Sept. 8, 2015 Jan. 1, 2000 4 30 49 1
206 Samba 4.2 4.22.1 April 17, 2025 March 4, 2015 Jan. 1, 2000 4 31 47 1
207 Samba 4.1 4.19.9 Oct. 17, 2024 Jan. 11, 2013 Jan. 1, 2000 5 34 52 6
208 Samba 4.0 4.0.26 May 6, 2015 Dec. 11, 2012 Jan. 1, 2000 4 34 53 7
209 Samba 3.6 3.6.25 Feb. 23, 2015 Aug. 9, 2011 Jan. 1, 2000 3 16 37 5
210 Samba 3.5 3.5.22 Aug. 5, 2013 March 1, 2010 Jan. 1, 2000 3 16 34 6
211 Samba 3.4 3.4.17 April 30, 2012 July 3, 2009 Jan. 1, 2000 2 15 37 8
212 Samba 3.3 3.3.16 July 26, 2011 Jan. 27, 2009 Jan. 1, 2000 2 16 35 8
213 Samba 3.2 3.2.15 Oct. 1, 2009 July 1, 2008 Jan. 1, 2000 2 17 37 7
214 Samba 3.0 3.0.37 Oct. 1, 2009 Sept. 24, 2003 Jan. 1, 2000 2 30 42 7
215 Samba 4.6 4.6.9 Aug. 14, 2018 Jan. 1, 2000 4 23 38 1
216 Samba 4.4 4.4.9 Sept. 20, 2017 Jan. 1, 2000 4 27 46 1
217 Samba 3.1 3.1.0 Jan. 1, 2000 2 15 24 5
218 Samba 2.2a 2.2a Jan. 1, 2000 2 12 18 4
219 Samba 2.2 2.2.12 Sept. 29, 2004 Jan. 1, 2000 2 20 20 5
220 Samba 2.18 2.18.3 Jan. 1, 2000 2 12 17 4
221 Samba 2.0 2.0.9 Jan. 1, 2000 2 23 22 7
222 Samba 1.9 1.9.18 Jan. 7, 1998 Jan. 1, 2000 2 13 20 5
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
191 -
10.0 		HIGH Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than … NVD-CWE-Other
CVE-2003-0196 cpe:2.3:a:samba:samba:2.2.8:*
cpe:2.3:a:samba:samba:2.2.7a:*
cpe:2.3:a:samba:samba:2.2.7:*
cpe:2.3:a:samba:sam… 		2018-10-31 01:26
2003-05-5 		Show GitHub Exploit DB Packet Storm
192 -
10.0 		HIGH Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary … NVD-CWE-Other
CVE-2003-0201 cpe:2.3:a:samba:samba:2.2.8:*
cpe:2.3:a:samba:samba:2.2.7a:*
cpe:2.3:a:samba:samba:2.2.7:*
cpe:2.3:a:samba:sam… 		2018-10-31 01:26
2003-05-5 		Show GitHub Exploit DB Packet Storm
193 -
10.0 		HIGH Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2003-0085 cpe:2.3:a:samba:samba:2.2.7a:*
cpe:2.3:a:samba:samba:2.2.7:*
cpe:2.3:a:samba:samba:2.2.6:*
cpe:2.3:a:samba:sam… 		2018-10-20 00:29
2003-03-31 		Show GitHub Exploit DB Packet Storm
194 -
1.2 		LOW The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. NVD-CWE-Other
CVE-2003-0086 cpe:2.3:a:samba:samba:2.2.7a:*
cpe:2.3:a:samba:samba:2.2.7:*
cpe:2.3:a:samba:samba:2.2.6:*
cpe:2.3:a:samba:sam… 		2018-10-20 00:29
2003-03-31 		Show GitHub Exploit DB Packet Storm
195 -
7.5 		HIGH Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2002-2196 cpe:2.3:a:samba:samba:2.2a:*
cpe:2.3:a:samba:samba:2.2.3a:*
cpe:2.3:a:samba:samba:2.2.1a:*
cpe:2.3:a:samba:sam… 		2.2.4 2008-09-6 05:32
2002-12-31 		Show GitHub Exploit DB Packet Storm
196 -
10.0 		HIGH Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decrypt… NVD-CWE-Other
CVE-2002-1318 cpe:2.3:a:samba:samba:2.2.6:*
cpe:2.3:a:samba:samba:2.2.5:*
cpe:2.3:a:samba:samba:2.2.4:*
cpe:2.3:a:samba:samb… 		2018-05-3 10:29
2002-12-11 		Show GitHub Exploit DB Packet Storm
197 -
2.1 		LOW Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. NVD-CWE-Other
CVE-2001-0406 cpe:2.3:a:samba:samba:*:* 2.0.7 2008-09-6 05:24
2001-07-2 		Show GitHub Exploit DB Packet Storm
198 -
10.0 		HIGH Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is use… NVD-CWE-Other
CVE-2001-1162 cpe:2.3:a:samba:samba:2.2.0:*
cpe:2.3:a:samba:samba:2.0.9:*
cpe:2.3:a:samba:samba:2.0.8:*
cpe:2.3:a:samba:samb… 		2017-10-10 10:30
2001-06-23 		Show GitHub Exploit DB Packet Storm
199 -
7.2 		HIGH Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. NVD-CWE-Other
CVE-2000-0935 cpe:2.3:a:samba:samba:2.0.7:* 2017-10-10 10:29
2000-12-19 		Show GitHub Exploit DB Packet Storm
200 -
2.1 		LOW Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and pa… NVD-CWE-Other
CVE-2000-0936 cpe:2.3:a:samba:samba:2.0.7:* 2017-10-10 10:29
2000-12-19 		Show GitHub Exploit DB Packet Storm