CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
68.8%
In implementing the Validated dnsHostName permission check in Samba’s
Active Directory DC, and therefore applying correctly constraints on
the values of a dnsHostName value for a computer in a Samba domain
(CVE-2022-32743), the case where the dnsHostName is deleted, rather
than modified or added, was incorrectly handled.
Therefore, in Samba 4.17.0 and later an LDAP attribute value deletion
of the dnsHostName attribute became possible for authenticated but
otherwise unprivileged users, for any object.
Patches addressing both these issues have been posted to:
https://www.samba.org/samba/security/
Additionally, Samba $VERSIONS have been issued
as security releases to correct the defect. Samba administrators are
advised to upgrade to these releases or apply the patch as soon
as possible.
CVSS3.1:AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L (5.4)
The AD DC LDAP server is a critical component of the AD DC, and it
should not be disabled. However it can be disabled by setting
server services = -ldap
in the smb.conf and restarting Samba
Originally reported by Lukas Mitter of codemanufaktur GmbH.
Patches provided by Joseph Sutton and Douglas Bagnall of Catalyst
and the Samba Team.
Advisory prepared by Andrew Bartlett of Catalyst and the Samba Team.
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team