Advisory ROSA-SA-2024-2419

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...

The vulnerability of the PAC parameters (Privileged Attribute Certificate) in the krb5_parse_pac function of Heimdal and MIT Kerberos, a network interaction program for Samba, allows a perpetrator to trigger a service failure.

The vulnerability of the PAC Privileged Attribute Certificate parameters in the krb5parsepac function of Heimdal and MIT Kerberos, as well as in Samba’s network interaction programs, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service...

AZL-37015 CVE-2022-32746 affecting package samba for versions less than 4.18.3-1

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...