CVE-2021-23192 |
Medium |
Yes |
Insufficient validation |
A security issue has been found in Samba versions 4.10.0 to 4.15.1. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment... |
CVE-2021-3738 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The AD DC RPC server can use memory that was free()ed when a sub- connection is closed. |
CVE-2020-25722 |
Medium |
Yes |
Insufficient validation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. At a number of points in the Samba AD DC per-attribute and schema based permission checks... |
CVE-2020-25721 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. Samba as an AD DC did not provide a way for Linux applications to obtain a reliable SID... |
CVE-2020-25719 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The Samba AD DC, could become confused about the user a ticket represents if it did not... |
CVE-2020-25718 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 4.0.0 to 4.15.1. The Samba AD DC, when joined by an RODC, did not confirm if the RODC was allowed to print... |
CVE-2020-25717 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Samba versions 3.0.0 to 4.15.1. Samba may map domain users to local users in an undesired way. |