Samba Security Vulnerabilities
Since Microsoft disclosed the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability on Nov 8 2022, and per RFC8429, rc4-hmac is assumed to be weak. Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (e.g. aes256-cts-hmac-sha1-96).
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2023-03-06
A flaw was found in Samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
CVSS Score: 5.9 | EPSS Score: 0.008 | Published: 2023-03-06
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
CVSS Score: 4.3 | EPSS Score: 0.012 | Published: 2023-01-17
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
CVSS Score: 6.5 | EPSS Score: 0.037 | Published: 2023-01-12
A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem.
CVSS Score: 6.5 | EPSS Score: 0.024 | Published: 2023-01-12
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
CVSS Score: 8.8 | EPSS Score: 0.064 | Published: 2022-12-25
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
CVSS Score: 9.8 | EPSS Score: 0.018 | Published: 2022-12-25
Netlogon RPC Elevation of Privilege Vulnerability
CVSS Score: 8.1 | EPSS Score: 0.026 | Published: 2022-11-09
Windows Kerberos Elevation of Privilege Vulnerability
CVSS Score: 7.2 | EPSS Score: 0.045 | Published: 2022-11-09
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVSS Score: 8.1 | EPSS Score: 0.028 | Published: 2022-11-09