41 matches found
K08602542: SAMBA vulnerability CVE-2022-0336
Security Advisory Description The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
DEBIAN-CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
CVE-2022-0336
Samba AD DC CVE-2022-0336: SPN checks can be bypassed when re-adding a previously present SPN, enabling a write-enabled attacker to impersonate services or cause DoS by matching an existing SPN. Some advisories note no patch for certain releases (e.g., Samba 4.12.5-7), while others indicate an up...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
CVE-2022-32743
A flaw was found in samba that validates the domain name system's host name. This issue links a trailing $ to objectclass=computer, which helps avoid the creation of SPN values that collide with other, possibly privileged hosts...
EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1666)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Samba vfsfruit module uses extended file attributes EA, xattr to provide ...enhanced compatibility with Apple SMB clients and interoperabilit...
March 8, 2022—KB5011495 (OS Build 14393.5006) - EXPIRED
March 8, 2022—KB5011495 OS Build 14393.5006 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5011495 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- 11/19/20 For...
Updated samba packages fix security vulnerability
For CVE-2021-20316 and CVE-2021-44141, there is only a workaround and mitigation: All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share...
Denial Of Service (DoS)
samba is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization of permission when adding service principals names SPNs to an account...
USN-5260-1: Samba vulnerabilities
Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. CVE-2021-44142 Michael Hanselmann discovered that Samb...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
Samba AD users with permission to write to
Description The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that...
UBUNTU-CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
targetedKerberoast - Kerberoast With ACL Abuse Capabilities
targetedKerberoast is a Python script that can, like many others e.g. GetUserSPNs.py, print "kerberoast" hashes for user accounts that have a SPN set. This tool brings the following additional feature: for each user without SPNs, it tries to set one abuse of a write permission on the...
Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses
Rubeus is a C toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project CC BY-NC-SA 4.0 license and Vincent LE TOUX's MakeMeEnterpriseAdmin project GPL v3.0 license. Full credit goes to Benjamin and Vincent for working out the hard components of...
Honeyroasting. How to detect Kerberoast breaches with honeypots
Introduction As we know one of the main issues facing defenders, especially in large environments, is protecting against threat actors after they gain a foothold in the environment. If an attacker lands on a domain-joined PC, the attack surface is massive, and it is vital to detect them as quickl...