3 matches found
EUVD-2026-43233
OpenWrt luci-app-samba4 read ACL grants file.exec permission on /usr/sbin/smbd, allowing authenticated delegated users to execute the Samba daemon with caller-controlled command-line arguments. Attackers can pass arbitrary Samba global options such as message command to a root smbd process,...
MiracleLinux 8 : samba-4.17.5-3.el8.ML.1 (AXSA:2023-6311:09)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6311:09 advisory. samba: SMB2 packet signing is not enforced when server signing = required is set CVE-2023-3347 Tenable has extracted the preceding description block directly...
AZL-25602 CVE-2022-45141 affecting package samba 4.12.5-7
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...