17 matches found
EUVD-2019-5985
Malware in sbrugna...
Astra Linux – Vulnerability in freeipa
A vulnerability was discovered in FreeIPA regarding the initial implementation of MS-SFU by MIT Kerberos. This implementation lacked a condition for granting the “forwardable” flag on S4U2Self tickets. Fixing this issue required adding a special case for the checkallowedtodelegate function: If th...
CVE-2020-17049
It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user...
November 14, 2021—KB5008602(OS Build 17763.2305) Out-of-band
November 14, 2021—KB5008602OS Build 17763.2305 Out-of-band 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release know...
July 13, 2021—KB5004305 (Monthly Rollup)
July 13, 2021—KB5004305 Monthly Rollup Important: Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...
July 13, 2021—KB5004285 (Security-only update)
July 13, 2021—KB5004285 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows 8.1 and Windows Server 2012 R2 have...
July 13, 2021—KB5004307 (Security-only update)
July 13, 2021—KB5004307 Security-only update Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...
July 13, 2021—KB5004302 (Security-only update)
July 13, 2021—KB5004302 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows Server 2012 has reached the end of...
July 13, 2021—KB5004299 (Security-only update)
July 13, 2021—KB5004299 Security-only update Important: Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...
November 19, 2020—KB4594441 (OS Build 14393.4048) Out-of-band
November 19, 2020—KB4594441 OS Build 14393.4048 Out-of-band UPDATED 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1607 update history...
Kerberos authentication and ticket renewal issues on Windows Server 2012 R2 - Out-of-band
Kerberos authentication and ticket renewal issues on Windows Server 2012 R2 - Out-of-band Applies to: Windows Server 2012 R2 Windows Server 2012 R2 Server Core installation NEW 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the...
Fedora 32 : 2:samba / krb5 (2020-939681213a)
KRB5 : - Cross-realm s4u fixes for samba 1836630 - Drop unnecessary conflict with openssl-libs = 3.0.0 - Unify kvno option documentation - Use systemctl reload to HUP the KDC during logrotate SAMBA : - Support S4U operations for Samba AD DC 1836630 - Fix lookup of users and groups when realm used...
EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerbero...
EulerOS 2.0 SP8 : samba (EulerOS-SA-2020-1032)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to,...
Samba 4.x < 4.9.17 / 4.10.x < 4.10.11 / 4.11.x < 4.11.3 Multiple Vulnerabilities
The version of Samba running on the remote host is 4.x prior to 4.9.17, 4.10.x prior to 4.10.11, or 4.11.x prior to 4.11.3. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in the ldbqsort and dnsnamecompare routines due to how the routines...
Authentication flaw
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos...
Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124)
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=875 Windows: DeviceApi CMApi User Hive Impersonation EoP Platform: Windows 10 10586 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The DeviceApi CMApi PnpCtxRegOpenCurrentUserKey function doesn’t chec...