AZL-31901 CVE-2023-42670 affecting package samba 4.12.5-7
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
DEBIAN-CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
ALPINE-CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
Design/Logic Flaw
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
Samba Security Vulnerabilities
Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba. An attacker could exploit this vulnerability to compromise AD DC services...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
Samba Security Vulnerabilities
Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba, which stems from a security flaw in the rpcecho development server. It allows an attacker to cause a denial of service (DoS) by calling sleep on the AD DC...
Samba Security Vulnerabilities
Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba versions prior to 4.19.1, prior to 4.18.8, and prior to 4.17.12, which stems from the exposure of Samba AD DC passwords to privileged users and RODCs, with RODCs and users wit...
SUSE CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
UBUNTU-CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
UBUNTU-CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
PT-2023-6230 · Samba +5
Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified). Description: A flaw was found in Samba, making it susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC serv...
Read-only Domain Controller Support for CVAD
In a virtual desktop 2203 CU3 infrastructure with a DMZ which has its own Read-Only Domain Controller (RODC) and a secured Citrix Worker that is only allowed to contact the RODC server, the configuration doesn't work...
XenServer can't sync time from Windows domain controller
This article provides instructions to synchronize XenServer system time with a Windows domain controller/NTP server...
Debian dla-3563 : ctdb - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3563 advisory. Debian LTS Advisory DLA-3563-1...
PT-2023-6231 · Samba +10
Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified). Description: A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This issue stems from an RPC function that can be...
Unable to launch the PVS console. Error: "Unable to connect to the Domain Controller.."
After completing the PVS Configuration Wizard using a service account within the same domain as the PVS server, the administrators are unable to launch the PVS console and observe the error "Unable to connect to the Domain Controller if any or the default rootDSE. Error code: 44936673, message:...
Citrix FAS - Incorrect username and password
Incorrect username and password FAS After launching desktop when users try to log on. No error on the certificates, no error in "Application" and "System" in the FAS server. VDA event logs Windows logs Security and looking for audit failure at the same time as the login failure: 0xC000006A| use...
Key Network Questions
I wrote this on 7 December 2018 but never published it until today. The following are the "key network questions" which "would answer many key questions about a network, without having to access a third party log repository. This data is derived from mining Zeek log data as it is created, rather...
CVE-2023-35854
Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have "found...