How to Enable Extended Logging of SPNs Used During Connections

Veeam Backup & Replication 12 Feature This article is regarding a feature available starting in Veeam Backup & Replication 12. Purpose This article documents how to enable the logging of Service Principal Names SPNs used during Kereberos-based connections. Use Case When troubleshooting Kerberos...

Amazon Linux 2022 : samba (ALAS2022-2022-224)

The version of samba installed on the remote host is prior to 4.16.2-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-224 advisory. - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the...

Design/Logic Flaw

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1459)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Samba vfsfruit module uses extended file attributes EA, xattr to provide ...enhanced compatibility with Apple SMB clients and interoperabilit...

SUSE SLES12 Security Update : samba (SUSE-SU-2022:0323-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0323-1 advisory. - Kerberos acceptors need easy access to stable AD identifiers eg objectSid. Samba as an AD DC now provides a way for Linux...

ADSearch - A Tool To Help Query AD Via The LDAP Protocol

A tool written for cobalt-strike's execute-assembly command that allows for more efficent querying of AD. Key Features List all Domain Admins Custom LDAP Search Connect to LDAPS Servers Output JSON data from AD instances Retrieve custom attributes from a generic query i.e. All computers Usage...

RiskySPN - Detect And Abuse Risky SPNs

RiskySPNs is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs Service Principal Name. This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory. For...

Oracle Linux 6 : cifs-utils (ELSA-2012-0902)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2012-0902 advisory. 4.8.1-10 - mount.cifs: don't allow unprivileged users to mount onto dirs they can't chdir into bz 812782 4.8.1-9 - cifs.upcall: use krb5snametoprincipal to...

cifs-utils security, bug fix, and enhancement update

4.8.1-10 - mount.cifs: don't allow unprivileged users to mount onto dirs they can't chdir into bz 812782 4.8.1-9 - cifs.upcall: use krb5snametoprincipal to construct principal name bz 805490 4.8.1-8 - mount.cifs: add backupuid=/backupgid= mount options bz 806337 4.8.1-7 - RFE: Improve selection o...