2 matches found
freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the checkallowedtodelegate function: If the target service...
Samba 4.x < 4.9.17 / 4.10.x < 4.10.11 / 4.11.x < 4.11.3 Multiple Vulnerabilities
The version of Samba running on the remote host is 4.x prior to 4.9.17, 4.10.x prior to 4.10.11, or 4.11.x prior to 4.11.3. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in the ldbqsort and dnsnamecompare routines due to how the routines...