The vulnerability of the MIT Kerberos Samba AD DC network communication software component allows a attacker to cause a service failure.

The vulnerability of the MIT Kerberos Samba AD DC network communication component involves an uncontrolled consumption of system resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of AD DC network communication programs like Samba allows attackers to compromise the integrity of information.

The vulnerability of AD DC network communication programs like Samba is related to the incorrect implementation of security checks for standard system components. Exploiting this vulnerability allows a malicious actor to compromise the integrity of information...

RDP DOUBLEPULSAR Remote Code Execution

This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for RDP. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module requires Metasploit:...

DEBIAN-CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP...

Splunk Attack Range - A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server,...

DEBIAN-CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the poorly named dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default...

DEBIAN-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

DEBIAN-CVE-2019-14847

A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue...

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

UBUNTU-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

Default configuration

An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx e.g., FSAdmin123456789 on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed...

CVE-2019-14510

CVE-2019-14510 affects Kaseya VSA RMM up to 9.5.0.22. The default LAN Cache configuration creates a local account FSAdminxxxxxxxxx on the LAN Cache host and all assigned clients, placing it in each client’s local Administrators group. If a client is a Domain Controller, the account is created as ...

CVE-2016-5406

The domain controller will not propagate its administrative RBAC configuration to some slaves. An attacker could use this to escalate their privileges...

Security fix for the ALT Linux 8 package samba-DC version 4.9.13-alt1

4.9.13-alt1 built Sept. 27, 2019 Evgeny Sinelnikov in task 237896 Sept. 20, 2019 Evgeny Sinelnikov - Update to first security autumn release for domain controller release - Security fixes: + CVE-2019-10197 Permissions check deny can allow user to escape from the share...

How to: Kerberoast like a boss

Kerberoasting: by default, all standard domain users can request a copy of all service accounts along with their correlating password hashes. Crack these and you could have administrative privileges. But that’s so 2014. Why write a blog post about this in 2019 then? It still works well, yet there...

DEBIAN-CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

EulerOS 2.0 SP8 : samba (EulerOS-SA-2019-1780)

According to the version of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A double-free was found when Samba's KDC is used as an Active Directory Domain Controller. An authenticated attacker could use this flaw to cause a...

Cellular networks under fire from Soft Cell attacks

We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone...

UBUNTU-CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

Privilege Escalation

Red Hat JBoss Enterprise Application Platform is vulnerable to privilege escalation vulnerability. The domain controller in EAP will not propagate its administrative RBAC configuration to some slaves. An unauthenticated attacker could gain gain elevated privileges by leveraging failure to propaga...