RHEL 9 : samba (RHSA-2023:2137)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2137 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

USN-5936-1 samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

RLSA-2023:0838 Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and...

samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between...

Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems. The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in...

Security fix for the ALT Linux 10 package samba version 4.16.8-alt1

Dec. 15, 2022 Evgeny Sinelnikov 4.16.8-alt1 - Update to maintenance release of Samba 4.16 with fixes of the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022 CVE-2022-37967, CVE-2022-37966. - Security fixes: + CVE-2022-37966: A Samba Acti...

PT-2022-5501

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version Description The issue is related to errors in security settings of the Netlogon Remote Protocol MS-NRPC implementation in Windows operating systems. This allows a remote attacker to elevate their...

UBUNTU-CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC. An attacker who successfully exploited the vulnerability could run a specially crafted application on a...