CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVE-2022-3437

CVE-2022-3437 is a heap-based buffer overflow in Samba’s use of Heimdal GSSAPI (unwrap_des/unwrap_des3). The fix involved making memcmp constant-time and patching a compiler-related issue by adding “!= 0” to memcmp results; backported patches were applied to heimdal-7.7.1 and 7.8.0 branches (and ...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Heimdal vulnerabilities (USN-5800-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5800-1 advisory. It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to caus...

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-1046)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and...

EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-1021)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and...

Fedora 35 : samba (2022-003403ec6b)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-003403ec6b advisory. Update to version 4.15.12 ---- Update to version 4.15.11 - Security fixes for CVE-2022-3437 Tenable has extracted the preceding description block...

Fedora 36 : heimdal (2022-dba9ba8e2b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dba9ba8e2b advisory. Fixes: Delay service starts until after network is online rhbz2005501 Restart services on package update will apply when updating from this release...

PT-2022-6537 · Heimdal +4 · Heimdal +4

Name of the Vulnerable Software and Affected Versions: heimdal versions 7.7.1 through 7.8.0 Description: The issue is related to the implementation of the Kerberos5 protocol in heimdal, specifically concerning incorrect validation of message integrity codes. This can allow a remote attacker to...

Buffer Overflow

samba is vulnerable to buffer overflow. The vulnerability exists within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal because GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet causing an application cras...

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

Fedora 36 : samba (2022-3dcb5a3785)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-3dcb5a3785 advisory. Update to version 4.16.6 - Security fixes for CVE-2022-3592 and CVE-2022-3437 Tenable has extracted the preceding description block directly from th...

Security fix for the ALT Linux 10 package samba version 4.16.6-alt1

Oct. 27, 2022 Evgeny Sinelnikov 4.16.6-alt1 - Update to maintenance release of Samba 4.16 Samba15134 - Security fixes: + CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal included in Samba...

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

[slackware-security] samba

New samba packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/samba-4.15.11-i586-1slack15.0.txz: Upgraded. This update fixes the following security issue: There is a limited write heap buffer...

Slackware Linux 15.0 / current samba Vulnerability (SSA:2022-298-02)

The version of samba installed on the remote host is prior to 4.15.11 / 4.17.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-298-02 advisory. - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of...

Buffer overflow in Heimdal unwrap_des3()

Description The DES for Samba 4.11 and earlier and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet. Examples of where Samba can use GSSAPI include the client and...

PT-2022-5230 · Heimdal +9 · Heimdal +9

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A heap-based buffer overflow issue was found in the GSSAPI unwrap des and unwrap des3 routines of Heimdal, which is part of the Samba network interaction program. This issue allows a remote...