Astra Linux - уязвимость в samba

A design flaw was identified in Samba’s DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users with the GETCHANGES permission to access all attributes, including sensitive...

AZL-37026 CVE-2023-4154 affecting package samba 4.18.3-2

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

AZL-31955 CVE-2023-4154 affecting package samba 4.12.5-7

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

SUSE CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

UBUNTU-CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

PT-2023-6233 · Samba +7 · Samba +7

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This fla...

Kerberos Silver/Golden/Diamond/Sapphire Ticket Forging

This module forges a Kerberos ticket. Four different techniques can be used: - Silver ticket: Using a service account hash, craft a ticket impersonating any user and privileges to that account. - Golden ticket: Using the krbtgt hash, craft a ticket impersonating any user and privileges. - Diamond...

AD Starter Scan - Kerberos Krbtgt

Binary data adsikerberoskrbtgt.nbin...

Error: "The pool failed to enable external authentication" on XenServer

Unable to join the XenServer hosts to Active directory domain. The computer account is created in the domain but the following error continues to appear: Enabling Active Directory Authentication on pool … “Error: The pool failed to enable external authentication.” In the xensource.log the followi...

Authentication Bypass Vulnerability in Kerberos Network Authentication Protocol

MIT Kerberos is a set of network authentication protocols developed by the Massachusetts Institute of Technology MIT in the United States, using a client/server structure, and both the client and the server side of the authentication of each other i.e., double authentication. The Kerberos network...