EUVD-2017-8603

Malware in sbrugna...

EUVD-2018-8651

Malware in sbrugna...

CVE-2023-5568 Samba: heap buffer overflow with freshness tokens in the heimdal kdc

A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service...

Samba File Buffer Overflow Vulnerability (CVE-2023-5568)

Samba is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...

K85796417: Samba vulnerability CVE-2018-16860

Security Advisory Description A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the...

SUSE CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

MGASA-2022-0468 Updated heimdal packages fix security vulnerability

Isaac Boukris reported that the Heimdal KDC before 7.7.1 does not apply delegationnotallowed aka not-delegated user attributes for S4U2Self. Instead the forwardable flag is set even if the impersonated client has the not-delegated flag set. CVE-2019-14870 Joseph Sutton discovered that the Heimdal...

Man In The Middle (MitM)

samba:xenial is vulnerable to man-in-the-middle. A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name principal in the request with any...

EulerOS 2.0 SP2 : samba (EulerOS-SA-2020-2396)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controlle...

EulerOS Virtualization for ARM 64 3.0.2.0 : samba (EulerOS-SA-2020-1952)

According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The samba-libs package contains the libraries needed by programs that link against the SMB, RPC and other protocols...

EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerbero...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1616)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : samba (EulerOS-SA-2020-1616)

According to the version of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to,...

CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name principal in the request with any desired user name principal that exists in the KDC effectively obtaining...

CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

ALPINE-CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

DEBIAN-CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

Design/Logic Flaw

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name...

CVE-2018-16860

The CVE-2018-16860 issue affects Samba’s Heimdal KDC implementation in AD DC mode, specifically versions 4.8.x (before 4.8.12), 4.9.x (before 4.9.8), and 4.10.x (before 4.10.3). The vulnerability is a flaw in the KDC handling that enables a man-in-the-middle attacker to intercept a KDC request an...