Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2022-1642.NASL
HistoryDec 10, 2022 - 12:00 a.m.

Amazon Linux AMI : samba (ALAS-2022-1642)

2022-12-1000:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
JSON

The version of samba installed on the remote host is prior to 4.10.16-20.62. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1642 advisory.

  • Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)

  • A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer). (CVE-2022-32742)

  • A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users’ passwords, enabling full domain takeover. (CVE-2022-32744)

  • A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault. (CVE-2022-32745)

  • A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl. (CVE-2022-32746)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1642.
##

include('compat.inc');

if (description)
{
  script_id(168596);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/29");

  script_cve_id(
    "CVE-2020-17049",
    "CVE-2022-32742",
    "CVE-2022-32744",
    "CVE-2022-32745",
    "CVE-2022-32746"
  );
  script_xref(name:"IAVA", value:"2022-A-0299-S");

  script_name(english:"Amazon Linux AMI : samba (ALAS-2022-1642)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of samba installed on the remote host is prior to 4.10.16-20.62. It is, therefore, affected by multiple
vulnerabilities as referenced in the ALAS-2022-1642 advisory.

  - Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)

  - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client
    had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or
    printer) instead of client-supplied data. The client cannot control the area of the server memory written
    to the file (or printer). (CVE-2022-32742)

  - A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By
    encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling
    full domain takeover. (CVE-2022-32744)

  - A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP
    add or modify the request, usually resulting in a segmentation fault. (CVE-2022-32745)

  - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP
    message values freed by a preceding database module, resulting in a use-after-free issue. This issue is
    only possible when modifying certain privileged attributes, such as userAccountControl. (CVE-2022-32746)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2022-1642.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2020-17049.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-32742.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-32744.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-32745.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2022-32746.html");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update samba' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-17049");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-32744");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/11/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/12/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ctdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ctdb-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsmbclient");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libsmbclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libwbclient");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:libwbclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-client-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-common-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-common-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-krb5-printing");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-pidl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-python-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-test-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-winbind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-winbind-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-winbind-krb5-locator");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:samba-winbind-modules");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var pkgs = [
    {'reference':'ctdb-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ctdb-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ctdb-tests-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ctdb-tests-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libsmbclient-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libsmbclient-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libsmbclient-devel-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libsmbclient-devel-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libwbclient-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libwbclient-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libwbclient-devel-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'libwbclient-devel-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-client-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-client-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-client-libs-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-client-libs-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-common-4.10.16-20.62.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-common-libs-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-common-libs-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-common-tools-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-common-tools-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-debuginfo-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-debuginfo-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-devel-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-devel-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-krb5-printing-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-krb5-printing-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-libs-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-libs-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-pidl-4.10.16-20.62.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-python-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-python-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-python-test-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-python-test-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-test-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-test-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-test-libs-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-test-libs-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-clients-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-clients-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-krb5-locator-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-krb5-locator-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-modules-4.10.16-20.62.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'samba-winbind-modules-4.10.16-20.62.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ctdb / ctdb-tests / libsmbclient / etc");
}
VendorProductVersionCPE
amazonlinuxctdbp-cpe:/a:amazon:linux:ctdb
amazonlinuxctdb-testsp-cpe:/a:amazon:linux:ctdb-tests
amazonlinuxlibsmbclientp-cpe:/a:amazon:linux:libsmbclient
amazonlinuxlibsmbclient-develp-cpe:/a:amazon:linux:libsmbclient-devel
amazonlinuxlibwbclientp-cpe:/a:amazon:linux:libwbclient
amazonlinuxlibwbclient-develp-cpe:/a:amazon:linux:libwbclient-devel
amazonlinuxsambap-cpe:/a:amazon:linux:samba
amazonlinuxsamba-clientp-cpe:/a:amazon:linux:samba-client
amazonlinuxsamba-client-libsp-cpe:/a:amazon:linux:samba-client-libs
amazonlinuxsamba-commonp-cpe:/a:amazon:linux:samba-common
Rows per page:
1-10 of 261

Related

amazon 3
nessus 61
openvas 47
fedora 4
suse 5
altlinux 2
debian 1
mageia 1
osv 12
f5 1
cisa 1
slackware 1
freebsd 1
redos 1
ubuntu 1
prion 5
debiancve 4
redhatcve 3
rosalinux 1
samba 4
mskb 2
cve 4
alpinelinux 4
veracode 3
ubuntucve 3
cbl_mariner 3
redhat 4
attackerkb 1
almalinux 4
oraclelinux 4
rocky 4
msrc 1
mscve 1
zdi 1
ibm 1
amazon
amazon
Important: samba
2022-12-01 17:33:00
Important: samba
2022-12-01 20:32:00
Medium: samba
2023-07-20 17:29:00
nessus
nessus
Amazon Linux 2022 : samba (ALAS2022-2022-213)
2022-12-09 00:00:00
Debian DSA-5205-1 : samba - security update
2022-08-12 00:00:00
EulerOS Virtualization 2.10.1 : samba (EulerOS-SA-2022-2943)
2022-12-28 00:00:00
openvas
openvas
Fedora: Security Advisory for samba (FEDORA-2022-19600c9743)
2022-08-01 00:00:00
Fedora: Security Advisory for libldb (FEDORA-2022-19600c9743)
2022-08-01 00:00:00
Fedora: Security Advisory for libldb (FEDORA-2022-1479911a38)
2022-08-15 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: libldb-2.5.2-1.fc36
2022-07-31 01:38:52
[SECURITY] Fedora 35 Update: samba-4.15.9-0.fc35
2022-08-14 03:01:36
[SECURITY] Fedora 36 Update: samba-4.16.4-0.fc36
2022-07-31 01:38:52
suse
suse
Security update for ldb, samba (important)
2022-09-01 00:00:00
Security update for ldb, samba (important)
2022-07-29 00:00:00
Security update for ldb, samba (important)
2022-08-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.15.9-alt1
2022-08-15 00:00:00
Security fix for the ALT Linux 10 package samba version 4.14.9-alt1
2021-11-01 00:00:00
debian
debian
[SECURITY] [DSA 5205-1] samba security update
2022-08-11 19:16:47
mageia
mageia
Updated ldb/samba/sssd packages fix security vulnerability
2022-08-26 00:21:07
osv
osv
samba - security update
2022-08-11 00:00:00
samba vulnerabilities
2022-08-01 11:50:53
CVE-2022-32744
2022-08-25 18:15:10
f5
f5
K21571420 : Multiple Samba vulnerabilities
2022-08-05 00:00:00
cisa
cisa
Samba Releases Security Updates
2022-07-27 00:00:00
slackware
slackware
[slackware-security] samba
2022-07-27 19:20:14
freebsd
freebsd
samba -- Multiple vulnerabilities
2022-07-27 00:00:00
redos
redos
ROS-20220808-01
2022-08-08 00:00:00
ubuntu
ubuntu
Samba vulnerabilities
2022-08-01 00:00:00
prion
prion
Design/Logic Flaw
2022-08-25 18:15:00
Design/Logic Flaw
2022-08-25 18:15:00
Security feature bypass
2020-11-11 07:15:00
debiancve
debiancve
CVE-2022-32745
2022-08-25 18:15:00
CVE-2022-32744
2022-08-25 18:15:00
CVE-2022-32746
2022-08-25 18:15:00
redhatcve
redhatcve
CVE-2022-32745
2022-07-27 15:55:01
CVE-2022-32744
2022-07-27 15:54:55
CVE-2020-17049
2021-11-22 20:20:39
rosalinux
rosalinux
Advisory ROSA-SA-2022-2062
2022-12-06 12:24:46
samba
samba
Samba AD users can forge password change requests for
2022-07-27 00:00:00
Samba AD users can crash the server process with an
2022-07-27 00:00:00
Samba AD users can induce a use-after-free in the
2022-07-27 00:00:00
mskb
mskb
July 13, 2021 Public preview security update (KB5004243)
2021-06-02 00:00:00
June 8, 2021 Public preview security update (KB5003645)
2021-05-05 00:00:00
cve
cve
CVE-2022-32745
2022-08-25 18:15:00
CVE-2020-17049
2020-11-11 07:15:00
CVE-2022-32744
2022-08-25 18:15:00
alpinelinux
alpinelinux
CVE-2022-32745
2022-08-25 18:15:00
CVE-2022-32744
2022-08-25 18:15:00
CVE-2022-32746
2022-08-25 18:15:00
veracode
veracode
Information Disclosure
2022-08-04 03:05:52
Denial Of Service (DoS)
2022-08-04 03:05:57
Information Disclosure
2022-08-04 03:05:51
ubuntucve
ubuntucve
CVE-2022-32745
2022-07-27 00:00:00
CVE-2022-32742
2022-07-27 00:00:00
CVE-2022-32746
2022-07-27 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-17049 affecting package samba 4.12.5-6
2024-04-26 09:06:34
CVE-2022-32744 affecting package samba 4.12.5-6
2024-04-26 09:06:34
CVE-2022-32742 affecting package samba 4.12.5-6
2024-04-26 09:06:34
redhat
redhat
(RHSA-2023:2570) Moderate: krb5 security, bug fix, and enhancement update
2023-05-09 05:14:28
(RHSA-2022:8317) Moderate: samba security, bug fix, and enhancement update
2022-11-15 06:21:30
(RHSA-2022:7730) Moderate: libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
attackerkb
attackerkb
CVE-2020-17049
2020-11-11 00:00:00
almalinux
almalinux
Moderate: krb5 security, bug fix, and enhancement update
2023-05-09 00:00:00
Moderate: libldb security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
oraclelinux
oraclelinux
krb5 security, bug fix, and enhancement update
2023-05-15 00:00:00
libldb security, bug fix, and enhancement update
2022-11-15 00:00:00
samba security, bug fix, and enhancement update
2022-11-22 00:00:00
rocky
rocky
samba security and bug fix update
2022-10-25 07:24:06
libldb security, bug fix, and enhancement update
2022-11-08 06:27:20
libldb security, bug fix, and enhancement update
2022-11-15 06:21:32
msrc
msrc
Kerberos KDC の脆弱性 (CVE-2020-17049) に対応するためのガイダンス
2020-11-19 08:00:00
mscve
mscve
Kerberos KDC Security Feature Bypass Vulnerability
2020-11-10 08:00:00
zdi
zdi
Samba SMB1 Out-Of-Bounds Read Information Disclosure Vulnerability
2023-05-24 00:00:00
ibm
ibm
Security Bulletin: Samba for IBM i is vulnerable to attacker obtaining sensitive information due to a memory leak with SMB1 requests (CVE-2022-32742)
2022-08-17 14:18:33
JSON
Related for ALA_ALAS-2022-1642.NASL
amazon3nessus61openvas47fedora4suse5altlinux2debian1mageia1osv12f51cisa1slackware1freebsd1redos1ubuntu1prion5debiancve4redhatcve3rosalinux1samba4mskb2cve4alpinelinux4veracode3ubuntucve3cbl_mariner3redhat4attackerkb1almalinux4oraclelinux4rocky4msrc1mscve1zdi1ibm1