Lucene search
RedhatCVELIST:CVE-2020-25719HistoryFeb 18, 2022 - 12:00 a.m.
CVE-2020-25719
2022-02-1800:00:00
CWE-287
redhat
www.cve.org
8
samba
active directory
kerberos
authentication
domain compromise
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
CNA Affected
[
{
"vendor": "n/a",
"product": "samba",
"versions": [
{
"version": "samba 4.15.2, samba 4.14.10, samba 4.13.14",
"status": "affected"
}
]
}
]Related
nessus
nessus
CentOS 8 : idm:DL1 (CESA-2021:5142)
2021-12-16 00:00:00
AlmaLinux 8 : idm:DL1 (ALSA-2021:5142)
2022-03-11 00:00:00
RHEL 8 : idm:DL1 (RHSA-2021:5142)
2021-12-15 00:00:00
prion
prion
Design/Logic Flaw
2022-02-18 18:15:00
almalinux
almalinux
Moderate: idm:DL1 security update
2021-12-15 07:39:49
ubuntucve
ubuntucve
CVE-2020-25719
2021-11-09 00:00:00
rocky
rocky
idm:DL1 security update
2021-12-15 07:39:49
redhat
redhat
(RHSA-2022:0007) Moderate: idm:DL1 security update
2022-01-04 07:51:04
(RHSA-2021:5195) Moderate: ipa security and bug fix update
2021-12-16 16:34:20
(RHSA-2022:0076) Moderate: idm:DL1 security update
2022-01-11 09:08:54
osv
osv
Moderate: idm:DL1 security update
2021-12-15 07:39:49
Moderate: idm:DL1 security update
2021-12-15 07:39:49
CVE-2020-25719
2022-02-18 18:15:08
nvd
nvd
CVE-2020-25719
2022-02-18 18:15:08
redhatcve
redhatcve
CVE-2020-25719
2021-11-10 03:28:05
oraclelinux
oraclelinux
idm:DL1 security update
2021-12-16 00:00:00
ipa security and bug fix update
2021-12-17 00:00:00
alpinelinux
alpinelinux
CVE-2020-25719
2022-02-18 18:15:08
debiancve
debiancve
CVE-2020-25719
2022-02-18 18:15:08
cnvd
cnvd
Samba Security Bypass Vulnerability (CNVD-2022-15500)
2021-11-12 00:00:00
veracode
veracode
Total Domain Compromise
2021-11-12 15:19:39
cve
cve
CVE-2020-25719
2022-02-18 18:15:08
cbl_mariner
cbl_mariner
CVE-2020-25719 affecting package samba 4.12.5-6
2024-10-01 22:11:53
samba
samba
Samba AD DC did not always rely on the SID
2021-11-09 00:00:00
openvas
openvas
CentOS: Security Advisory for ipa-client (CESA-2021:5195)
2022-01-11 00:00:00
Samba 4.0.0 < 4.13.14, 4.14.0 < 4.14.10, 4.15.0 < 4.15.2 Multiple Vulnerabilities
2021-11-11 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1295)
2022-03-02 00:00:00
amazon
amazon
Important: ipa
2023-07-17 17:40:00
centos
centos
ipa, python2 security update
2021-12-21 21:37:58
freebsd
freebsd
samba -- Multiple Vulnerabilities
2021-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: libldb-2.3.2-1.fc34
2021-12-01 01:14:11
[SECURITY] Fedora 34 Update: freeipa-4.9.6-4.fc34
2021-12-01 01:14:11
[SECURITY] Fedora 35 Update: samba-4.15.2-3.fc35
2021-11-19 01:16:32
debian
debian
[SECURITY] [DSA 5003-1] samba security update
2021-11-09 18:46:42
[SECURITY] [DSA 5003-1] samba security update
2021-11-09 18:46:42
cisa
cisa
Samba Releases Security Updates
2021-11-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.14.10-alt1
2021-11-07 00:00:00
mageia
mageia
Updated samba packages fix security vulnerability
2021-12-26 03:14:13
ubuntu
ubuntu
Samba regression
2021-12-13 00:00:00
Samba vulnerabilities
2021-11-11 00:00:00
Samba regressions
2021-12-06 00:00:00
suse
suse
Security update for samba and ldb (important)
2021-11-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2450
2024-07-15 08:46:32
gentoo
gentoo
Samba: Multiple Vulnerabilities
2023-09-17 00:00:00