CVE-2020-27840
https://notcve.org/view.php?id=CVE-2020-27840
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en samba. Los espacios usados en una cadena alrededor de un nombre de dominio (DN), aunque se supone que deben ser ignorados, pueden causar cadenas DN no válidas con espacios en lugar de escribir un byte cero en la memoria fuera de límites, resultando en un bloqueo. • https://bugzilla.redhat.com/show_bug.cgi?id=1941400 https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLZ74IF2N75VQSIHBL4B3P5WKWQCXSRY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5J3B6PN5XMXF3OHYBNHDKZ3XFSUGY4L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXP3ONIY6MB4C5LDZV4YL5KJCES3UX24 https://security.gentoo.org/glsa/202105-22 ht • CWE-125: Out-of-bounds Read •
CVE-2021-20277 – samba: Out of bounds read in AD DC LDAP server
https://notcve.org/view.php?id=CVE-2021-20277
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. Se encontró un fallo en libldb de Samba. Múltiples espacios iniciales consecutivos en un atributo LDAP pueden conllevar a una escritura de memoria fuera de los límites, conllevando a un bloqueo del proceso del servidor LDAP que maneja la petición. • https://bugzilla.redhat.com/show_bug.cgi?id=1941402 https://lists.debian.org/debian-lts-announce/2021/03/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLZ74IF2N75VQSIHBL4B3P5WKWQCXSRY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5J3B6PN5XMXF3OHYBNHDKZ3XFSUGY4L https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXP3ONIY6MB4C5LDZV4YL5KJCES3UX24 https://security.gentoo.org/glsa/202105-22 ht • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2020-17049 – Kerberos KDC Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-17049
<p>A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).</p> <p>To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it.</p> <p>The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.</p> Vulnerabilidad de Omisión de la Característica de Seguridad de Kerberos A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tempering. • http://www.openwall.com/lists/oss-security/2021/11/10/3 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049 https://security.gentoo.org/glsa/202309-06 https://access.redhat.com/security/cve/CVE-2020-17049 https://bugzilla.redhat.com/show_bug.cgi?id=2025721 • CWE-345: Insufficient Verification of Data Authenticity CWE-863: Incorrect Authorization •