CVE-2000-0937

Samba <2.0.7 - Info Disclosure

Title source: llm

Description

Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dodeca-T · cremoteunix

https://www.exploit-db.com/exploits/20340

View Code ZIP pw:eip

References (3)

[Exploit, Patch, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5442

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/1873

Scores

EPSS 0.0384

EPSS Percentile 88.2%

Details

Status published

Products (1)

samba/samba 2.0.7

Published Dec 19, 2000

Tracked Since Feb 18, 2026