CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-37966 – Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37966
09 Nov 2022 — Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Kerberos RC4-HMAC de Windows Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966 •
CVSS: 8.3EPSS: 1%CPEs: 14EXPL: 0CVE-2022-37967 – Windows Kerberos Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37967
09 Nov 2022 — Windows Kerberos Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Kerberos en Windows Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 •
CVSS: 8.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-38023 – Netlogon RPC Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38023
09 Nov 2022 — Netlogon RPC Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Netlogon RPC A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 • CWE-328: Use of Weak Hash •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3437 – Ubuntu Security Notice USN-5936-1
https://notcve.org/view.php?id=CVE-2022-3437
31 Oct 2022 — A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Se encontró una vulnerabilidad de des... • http://www.openwall.com/lists/oss-security/2023/02/08/1 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1615 – samba: GnuTLS gnutls_rnd() can fail and give predictable random values
https://notcve.org/view.php?id=CVE-2022-1615
01 Sep 2022 — In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. En Samba, la función GnuTLS gnutls_rnd() puede fallar y dar valores aleatorios predecibles A flaw was found in Samba. When the gnutls_rnd function is called, its return value is not verified, allowing it to give predictable random values when the call to the gnutls_rnd function fails. Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compat... • https://bugzilla.samba.org/show_bug.cgi?id=15103 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-32743 – Gentoo Linux Security Advisory 202309-06
https://notcve.org/view.php?id=CVE-2022-32743
01 Sep 2022 — Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. Samba no comprueba el derecho Validated-DNS-Host-Name para el atributo dNSHostName, lo que podría permitir a usuarios no privilegiados escribirlo Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Versions greater than or equal to 4.18.4 are affected. • https://bugzilla.samba.org/show_bug.cgi?id=14833 • CWE-276: Incorrect Default Permissions •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2031 – Gentoo Linux Security Advisory 202309-06
https://notcve.org/view.php?id=CVE-2022-2031
01 Aug 2022 — A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services. Se ha encontrado un fallo en Samba. Una vulnerabilidad de seguridad es producida cuando el KDC y el servicio kpasswd comparten una misma cuenta y un mismo conjunto de claves, lo que les permite descifrar los ... • https://security.gentoo.org/glsa/202309-06 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2021-3670 – Gentoo Linux Security Advisory 202309-06
https://notcve.org/view.php?id=CVE-2021-3670
01 Aug 2022 — MaxQueryDuration not honoured in Samba AD DC LDAP MaxQueryDuration no es cumplido en Samba AD DC LDAP It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=2077533 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32742 – Samba SMB1 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-32742
01 Aug 2022 — A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer). Se ha encontrado un fallo en Samba. Algunas solicitudes de escritura de SMB1 no son comprobaban correctamente para asegurar que el cliente había enviado suficientes da... • https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32744 – Gentoo Linux Security Advisory 202309-06
https://notcve.org/view.php?id=CVE-2022-32744
01 Aug 2022 — A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover. Se ha encontrado un fallo en Samba. El KDC acepta solicitudes kpasswd cifradas con cualquier clave que conozca. • https://security.gentoo.org/glsa/202309-06 • CWE-290: Authentication Bypass by Spoofing •