Samba

Samba

211 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-32744

  • EPSS 0.31%
  • Published 25.08.2022 18:15:10
  • Last modified 21.11.2024 07:06:52

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

8.1

CVE-2022-32745

  • EPSS 0.36%
  • Published 25.08.2022 18:15:10
  • Last modified 21.11.2024 07:06:52

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

5.4

CVE-2022-32746

  • EPSS 0.22%
  • Published 25.08.2022 18:15:10
  • Last modified 21.11.2024 07:06:52

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privile...

8.8

CVE-2022-2031

  • EPSS 0.31%
  • Published 25.08.2022 18:15:09
  • Last modified 21.11.2024 07:00:12

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit t...

6.8

CVE-2021-20316

  • EPSS 0.44%
  • Published 23.08.2022 16:15:09
  • Last modified 21.11.2024 05:46:21

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.

6.5

CVE-2021-3670

  • EPSS 3.76%
  • Published 23.08.2022 16:15:09
  • Last modified 21.08.2025 17:57:42

MaxQueryDuration not honoured in Samba AD DC LDAP

8.8

CVE-2020-25721

  • EPSS 0.19%
  • Published 16.03.2022 15:15:09
  • Last modified 21.11.2024 05:18:34

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.

8.8

CVE-2021-3738

  • EPSS 0.29%
  • Published 02.03.2022 23:15:09
  • Last modified 21.11.2024 06:22:17

In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was corr...

7.5

CVE-2021-23192

  • EPSS 0.06%
  • Published 02.03.2022 23:15:08
  • Last modified 21.11.2024 05:51:21

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.

4.3

CVE-2021-44141

  • EPSS 0.31%
  • Published 21.02.2022 18:15:08
  • Last modified 21.11.2024 06:30:25

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has t...