Astra Linux – Vulnerability in Samba

A flaw was discovered in the way that a Samba, as an Active Directory Domain Controller, can support a RODC Read-Only Domain Controller. This would allow a RODC to print administrator tickets...

Azure Linux 3.0 Security Update: samba (CVE-2020-25718)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25718 advisory. - A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC...

EUVD-2020-18372

Malware in sbrugna...

EUVD-2023-54034

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only...

CVE-2020-25718

...

AZL-37026 CVE-2023-4154 affecting package samba 4.18.3-2

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

Design/Logic Flaw

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

CVE-2023-4154 Samba: ad dc password exposure to privileged users and rodcs

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

UBUNTU-CVE-2023-4154

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

Read-only Domain Controller Support for CVAD

In a virtual desktop 2203 CU3 infrastructure with a DMZ which has its own Read-Only Domain Controller RODC and a secured Citrix Worker that is only allowed to contact the RODC server the configuration doesn't work...

SUSE CVE-2020-25718

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets...

AZL-8766 CVE-2020-25718 affecting package samba 4.12.5-7

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets...

DEBIAN-CVE-2020-25718

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets...

The vulnerability of the MIT Kerberos Samba AD DC network communication software component allows attackers to enhance their privileges.

The vulnerability of the MIT Kerberos Samba AD DC network communication component programs is related to the ability to support RODC functionality. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

UBUNTU-CVE-2020-25718

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets...

CVE-2020-1472/Zerologon. As an IT manager should I worry?

TL;DR Yes, apply the update from Microsoft. The new MS08-067? CVE-2020-1472 is an elevation of privilege vulnerability in a cryptographic authentication scheme used by the Netlogon service and was discovered and named Zerologon by Tom Tervoort at Secura. It does not require authentication. It can...

April 2015 servicing stack update for Windows 8.1 and Windows Server 2012 R2

April 2015 servicing stack update for Windows 8.1 and Windows Server 2012 R2 This article describes a servicing stack update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2. The update fixes some issues. About servicing stack The servicing stack includes the files and resources that a...