Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-5985

Malware in sbrugna...

6.4CVSS5.8AI score0.02783EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.5 views

Astra Linux – Vulnerability in freeipa

A vulnerability was discovered in FreeIPA regarding the initial implementation of MS-SFU by MIT Kerberos. This implementation lacked a condition for granting the “forwardable” flag on S4U2Self tickets. Fixing this issue required adding a special case for the checkallowedtodelegate function: If th...

8.8CVSS7.2AI score0.00667EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/11/22 8:20 p.m.60 views

CVE-2020-17049

It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user...

9CVSS7.5AI score0.13794EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2021/11/14 12:0 a.m.12 views

November 14, 2021—KB5008602(OS Build 17763.2305) Out-of-band

November 14, 2021—KB5008602OS Build 17763.2305 Out-of-band 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release know...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.101 views

July 13, 2021—KB5004305 (Monthly Rollup)

July 13, 2021—KB5004305 Monthly Rollup Important: Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

9.8CVSS7.9AI score0.13794EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.94 views

July 13, 2021—KB5004285 (Security-only update)

July 13, 2021—KB5004285 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows 8.1 and Windows Server 2012 R2 have...

9.8CVSS8AI score0.13794EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.73 views

July 13, 2021—KB5004307 (Security-only update)

July 13, 2021—KB5004307 Security-only update Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

9.8CVSS8.3AI score0.13794EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.58 views

July 13, 2021—KB5004302 (Security-only update)

July 13, 2021—KB5004302 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows Server 2012 has reached the end of...

9.8CVSS8AI score0.13794EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.132 views

July 13, 2021—KB5004299 (Security-only update)

July 13, 2021—KB5004299 Security-only update Important: Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

9.8CVSS7.7AI score0.13794EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2020/11/18 12:0 a.m.7 views

November 19, 2020—KB4594441 (OS Build 14393.4048) Out-of-band

November 19, 2020—KB4594441 OS Build 14393.4048 Out-of-band UPDATED 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1607 update history...

9CVSS7.8AI score0.13794EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2020/11/18 12:0 a.m.4 views

Kerberos authentication and ticket renewal issues on Windows Server 2012 R2 - Out-of-band

Kerberos authentication and ticket renewal issues on Windows Server 2012 R2 - Out-of-band Applies to: Windows Server 2012 R2 Windows Server 2012 R2 Server Core installation NEW 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the...

9CVSS6.8AI score0.13794EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/11/02 12:0 a.m.16 views

Fedora 32 : 2:samba / krb5 (2020-939681213a)

KRB5 : - Cross-realm s4u fixes for samba 1836630 - Drop unnecessary conflict with openssl-libs = 3.0.0 - Unify kvno option documentation - Use systemctl reload to HUP the KDC during logrotate SAMBA : - Support S4U operations for Samba AD DC 1836630 - Fix lookup of users and groups when realm used...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.59 views

EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2020-1746)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerbero...

7.5CVSS6.7AI score0.03151EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.46 views

EulerOS 2.0 SP8 : samba (EulerOS-SA-2020-1032)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to,...

7.5CVSS6.6AI score0.03515EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/12/13 12:0 a.m.84 views

Samba 4.x < 4.9.17 / 4.10.x < 4.10.11 / 4.11.x < 4.11.3 Multiple Vulnerabilities

The version of Samba running on the remote host is 4.x prior to 4.9.17, 4.10.x prior to 4.10.11, or 4.11.x prior to 4.11.3. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in the ldbqsort and dnsnamecompare routines due to how the routines...

6.4CVSS6.3AI score0.02783EPSS
Exploits0References4
Prion
Prion
added 2019/12/10 11:15 p.m.21 views

Authentication flaw

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos...

6.4CVSS5.2AI score0.02783EPSS
Exploits0References14Affected Software5
Exploit DB
Exploit DB
added 2016/10/18 12:0 a.m.147 views

Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124)

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=875 Windows: DeviceApi CMApi User Hive Impersonation EoP Platform: Windows 10 10586 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The DeviceApi CMApi PnpCtxRegOpenCurrentUserKey function doesn’t chec...

7.4AI score
Exploits0
Rows per page
Query Builder