Page 13 of 125 results (0.014 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal. Se encontró un fallo en la implementación de Heimdal KDC de samba, versiones 4.8.x hasta 4.8.12 excluyéndola, versiones 4.9.x hasta 4.9.8 excluyéndola, y versiones 4.10.x hasta 4.10.3 excluyéndola, cuando es usado en modo AD DC . Un atacante de tipo man in the middle podría usar este fallo para interceptar la petición al KDC y reemplazar el nombre de usuario (principal) en la petición con cualquier nombre de usuario (principal) deseado que exista en el KDC obteniendo efectivamente un ticket para este principal. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16860 https://seclists.org/bugtraq/2019/Aug/21 https://seclists.org/bugtraq/2019/Aug/22 https://seclists.org/bugtraq/2019/Aug/23 https://seclists.org/bugtr • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 1

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870 https://bugzilla.samba.org/show_bug.cgi?id=13834 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA https://support.f5.com/csp/article/K20804356 https://www.samba.org/samba/security/CVE-2019-3870.html https://www.synology.com/security/advisory/Synology_SA_19 • CWE-276: Incorrect Default Permissions •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. Se encontró un fallo en la forma en que samba implementó RPC endpoint, que emula la API de servicios de registro de Windows. Un atacante sin privilegios podría usar este defecto para crear un nuevo archivo de registro hive en cualquier lugar que tenga permisos Unix, lo que podría llevar a la creación de un nuevo archivo en el recurso compartido de Samba. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html https://access.redhat.com/errata/RHSA-2019:1966 https://access.redhat.com/errata/RHSA-2019:1967 https://access.redhat.com/errata/RHSA-2019:2099 https://access.redhat.com/errata/RHSA-2019:3582 https://access.redhat.com/security/cve/cve-2019-3880 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880 https://lists.debian.org/d • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. Se ha detectado un fallo en la manera en la que una expresión de búsqueda LDAP podría provocar el cierre inesperado del proceso del servidor LDAP de un AD DC de samba en samba en versiones anteriores a la 4.10. Un usuario autenticado con permisos de lectura en el servidor LDAP podría aprovechar este fallo para provocar una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00035.html http://www.securityfocus.com/bid/107347 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3824 https://bugzilla.samba.org/show_bug.cgi?id=13773 https://lists.debian.org/debian-lts-announce/2019/03/msg00000.html https://security.netapp.com/advisory/ntap-20190226-0001 https://usn.ubuntu.com/3895-1 https://www.debian.org/security/2019/dsa-4397 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0

Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command. Samba, desde la versión 4.7.0, tiene una vulnerabilidad que permite que un usuario en el dominio Samba AD provoque el cierre inesperado del KDC cuando Samba se incluye en la configuración de MIT Kerberos que no es la predeterminada. • http://www.securityfocus.com/bid/106026 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16853 https://security.gentoo.org/glsa/202003-52 https://security.netapp.com/advisory/ntap-20181127-0001 https://www.samba.org/samba/security/CVE-2018-16853.html • CWE-400: Uncontrolled Resource Consumption •