Page 7 of 78 results (0.018 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2021-3671

https://notcve.org/view.php?id=CVE-2021-3671

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server. Se ha encontrado una desreferencia de puntero null en la forma en que el servidor kerberos de Samba manejaba el sname faltante en TGS-REQ (Ticket Granting Server - Request). Un usuario autenticado podría usar este fallo para bloquear el servidor samba • https://bugzilla.redhat.com/show_bug.cgi?id=2013080%2C https://bugzilla.samba.org/show_bug.cgi?id=14770%2C https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html https://security.netapp.com/advisory/ntap-20221215-0002 https://security.netapp.com/advisory/ntap-20230216-0008 https://www.debian.org/security/2022/dsa-5287 • CWE-476: NULL Pointer Dereference •

CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-20254 – samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token

https://notcve.org/view.php?id=CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1949442 https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EP2VJ73OVBPVSOSTVOMGIEQA3MWF6F7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZAF6L2M6CNAJ2YYYGXPWETTW5YLCWTVT https://security.gentoo.org/glsa/202105-22 https://security.netapp.com/advisory/ntap-20210430-0001 https://www.samba.org/samba/security/CVE-2021-20254 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-27840

https://notcve.org/view.php?id=CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en samba. Los espacios usados en una cadena alrededor de un nombre de dominio (DN), aunque se supone que deben ser ignorados, pueden causar cadenas DN no válidas con espacios en lugar de escribir un byte cero en la memoria fuera de límites, resultando en un bloqueo. • https://bugzilla.redhat.com/show_bug.cgi?id=1941400 https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLZ74IF2N75VQSIHBL4B3P5WKWQCXSRY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5J3B6PN5XMXF3OHYBNHDKZ3XFSUGY4L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXP3ONIY6MB4C5LDZV4YL5KJCES3UX24 https://security.gentoo.org/glsa/202105-22 ht • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-20277 – samba: Out of bounds read in AD DC LDAP server

https://notcve.org/view.php?id=CVE-2021-20277

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. Se encontró un fallo en libldb de Samba. Múltiples espacios iniciales consecutivos en un atributo LDAP pueden conllevar a una escritura de memoria fuera de los límites, conllevando a un bloqueo del proceso del servidor LDAP que maneja la petición. • https://bugzilla.redhat.com/show_bug.cgi?id=1941402 https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLZ74IF2N75VQSIHBL4B3P5WKWQCXSRY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5J3B6PN5XMXF3OHYBNHDKZ3XFSUGY4L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXP3ONIY6MB4C5LDZV4YL5KJCES3UX24 https://security.gentoo.org/glsa/202105-22 ht • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 9.0EPSS: 2%CPEs: 11EXPL: 0

CVE-2020-17049 – Kerberos KDC Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2020-17049

<p>A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).</p> <p>To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it.</p> <p>The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.</p> Vulnerabilidad de Omisión de la Característica de Seguridad de Kerberos A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tempering. • http://www.openwall.com/lists/oss-security/2021/11/10/3 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049 https://security.gentoo.org/glsa/202309-06 https://access.redhat.com/security/cve/CVE-2020-17049 https://bugzilla.redhat.com/show_bug.cgi?id=2025721 • CWE-345: Insufficient Verification of Data Authenticity CWE-863: Incorrect Authorization •