A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes such as userAccountControl.

...

samba: AD users can induce a use-after-free in the server process with an LDAP add or modify request

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

CVE-2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

AZL-10707 CVE-2022-32746 affecting package samba 4.12.5-7

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

AZL-37015 CVE-2022-32746 affecting package samba for versions less than 4.18.3-1

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

CVE-2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

Design/Logic Flaw

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

CVE-2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

UBUNTU-CVE-2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

CVE-2022-32746

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...

Samba Privilege Escalation Vulnerability (CVE-2014-8143)

In Samba Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the...

AD Starter Scan - Blank passwords

Binary data adsiblankpwd.nbin...

AD Starter Scan - Kerberos Pre-authentication Validation

Binary data adsikerberospreauth.nbin...

samba: privilege elevation

Samba's Active Directory Domain Controller AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. Samba's AD DC did not implement the additional required check on the UFSERVERTRUSTACCOUNT bit in the userAccountControl attributes. Most Samba...

CVE-2014-8143

Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller AD DC is configured, allows remote authenticated users to set the LDB userAccountControl UFSERVERTRUSTACCOUNT bit, and consequently gain privileges, by leveraging delegation of...

Security fix for the ALT Linux 10 package samba version 4.1.16-alt1

Jan. 15, 2015 Andrey Cherepanov 4.1.16-alt1 - New version - Security fixes: + CVE-2014-8143: Samba's AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. However, all released versions of Samba's AD DC did not implement the additional...