
27 matches found

Tenable Nessus
added 2026/05/09 12:0 a.m. | 5 views

Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017353 advisory. The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of...

CVSS 8.8 | AI score 5.8 | EPSS 0.01254
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-15499

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 7.6 | EPSS 0.01254
Exploits: 0 | References: 12
Metasploit
added 2025/05/16 6:51 p.m. | 389 views

Gather Ticket Granting Service (TGS) tickets for User Service Principal Names (SPN)

This module will try to find Service Principal Names that are associated with normal user accounts. Since normal accounts' passwords tend to be shorter than machine accounts, and knowing that a TGS request will encrypt the ticket with the account the SPN is running under, this could be used for a...

AI score 5.8
Exploits: 0
Microsoft CVE
added 2024/10/15 12:0 a.m. | 5 views

CVE-2019-3870

...

CVSS 6.1 | AI score 6.6 | EPSS 0.00552
Exploits: 1
Microsoft CVE
added 2024/10/15 12:0 a.m. | 0 views

CVE-2022-0336

...

CVSS 8.8 | AI score 6.7 | EPSS 0.01254
Exploits: 0
Metasploit
added 2023/01/27 7:49 p.m. | 337 views

Kerberos TGT/TGS Ticket Requester

This module requests TGT/TGS Kerberos tickets from the KDC Module Options msf use auxiliary/admin/kerberos/getticket msf auxiliarygetticket show actions ...actions... msf auxiliarygetticket set ACTION msf auxiliarygetticket show options ...show and set options... msf auxiliarygetticket run This...

AI score 5.3
Exploits: 0
ATTACKERKB
added 2022/08/29 3:15 p.m. | 4 views

CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

CVSS 8.8 | AI score 7.3 | EPSS 0.01254
Exploits: 0 | References: 8
OSV
added 2022/08/29 3:15 p.m. | 1 views

ALPINE-CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

CVSS 8.8 | AI score 6.9 | EPSS 0.01254
Exploits: 0 | References: 1
OSV
added 2022/08/29 3:15 p.m. | 3 views

AZL-37009 CVE-2022-0336 affecting package samba for versions less than 4.18.3-1

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

CVSS 8.8 | AI score 7.1 | EPSS 0.01254
Exploits: 0 | References: 1
Microsoft KB
added 2022/03/08 8:0 a.m. | 85 views

March 8, 2022—KB5011560 (Security-only update)

March 8, 2022—KB5011560 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support...

CVSS 9 | AI score 7 | EPSS 0.56376
Exploits: 0
OSV
added 2022/02/19 11:3 a.m. | 2 views

OESA-2022-1529 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: Checks in Samba AD DC to prevent alias SPNs may be bypassed, enabling users who can write to the account's servicePrincipalName attribute to impersonate the service. CVE-2022-0336...

CVSS 8.8 | AI score 6.8 | EPSS 0.01254
Exploits: 0 | References: 2
Tenable Nessus
added 2021/07/29 12:0 a.m. | 341 views

AD Starter Scan - Kerberoasting

Binary data adsikerberoasting.nbin...

AI score 7.3
Exploits: 0 | References: 4
BDU FSTEC
added 2021/06/23 12:0 a.m. | 4 views

The vulnerability affects the implementation of the Kerberos authentication protocol for the isolated software environment AppContainer on Microsoft Windows operating systems. This vulnerability allows a perpetrator to bypass authentication checks.

The vulnerability of the Kerberos authentication protocol for the isolated software environment AppContainer on Microsoft Windows operating systems is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass the network-based Kerberos authenticati...

CVSS 9.4 | AI score 7.8 | EPSS 0.03808
Exploits: 0 | References: 5
Positive Technologies
added 2021/03/30 12:0 a.m. | 3 views

PT-2021-3372 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in security settings in the implementation of the Kerberos network authentication protocol for the AppContainer isolated software environment in...

CVSS 9.8 | AI score 9 | EPSS 0.03808
Exploits: 0 | References: 11
Pen Test Partners Blog
added 2020/04/01 5:23 a.m. | 48 views

Honeyroasting. How to detect Kerberoast breaches with honeypots

Introduction As we know one of the main issues facing defenders, especially in large environments, is protecting against threat actors after they gain a foothold in the environment. If an attacker lands on a domain-joined PC, the attack surface is massive, and it is vital to detect them as quickl...

AI score 7.2
Exploits: 0
Citrix
added 2019/10/23 12:0 a.m. | 6 views

Missing HOST SPN can cause workstation trust relationship error

User or admin is unable to login to a computer remotely using a domain account and sees this error: "The security database on the server does not have a computer account for this workstation trust relationship."...

AI score 7.2
Exploits: 0
OSV
added 2019/04/09 4:29 p.m. | 1 views

DEBIAN-CVE-2019-3870

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVSS 6.1 | AI score 6.7 | EPSS 0.00552
Exploits: 1 | References: 1
Kitploit
added 2018/06/15 1:55 p.m. | 30 views

RiskySPN - Detect And Abuse Risky SPNs

RiskySPNs is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs Service Principal Name. This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory. For...

AI score 7.2
Exploits: 0 | References: 1
myhack58
added 2017/03/19 12:0 a.m. | 48 views

Analysis of Kerberos constrained delegation SPN security vulnerabilities-vulnerability warning-the black bar safety net

In the past few years, more and more security researchers began to study Kerberos security, eventually found in support of the authentication Protocol of the network environment a lot of interesting attacks. In this post, I will describe my in the Windows Kerberos constrained delegation feature...

AI score 7
Exploits: 0
myhack58
added 2017/03/17 12:0 a.m. | 35 views

Analysis of Kerberos constrained delegation SPN security vulnerabilities-vulnerability warning-the black bar safety net

In the past few years, more and more security researchers began to study Kerberos security, eventually found in support of the authentication Protocol of the network environment a lot of interesting attacks. In this post, I will describe my in the Windows Kerberos constrained delegation feature...

AI score 0.2
Exploits: 0