Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-3671
HistoryOct 12, 2021 - 12:00 a.m.

CVE-2021-3671

2021-10-1200:00:00
ubuntu.com
ubuntu.com
8

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

76.5%

A null pointer de-reference was found in the way samba kerberos server
handled missing sname in TGS-REQ (Ticket Granting Server - Request). An
authenticated user could use this flaw to crash the samba server.

Bugs

Notes

Author Note
mdeslaur same as CVE-2021-37750 for MIT krb5
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchheimdal< 1.6~git20131207+dfsg-1ubuntu1.2+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu18.04noarchheimdal< 7.5.0+dfsg-1ubuntu0.1UNKNOWN
ubuntu20.04noarchheimdal< 7.7.0+dfsg-1ubuntu1.1UNKNOWN
ubuntu16.04noarchheimdal< 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu21.10noarchsamba< 2:4.13.14+dfsg-0ubuntu0.21.10.1UNKNOWN
ubuntu16.04noarchsamba< anyUNKNOWN
ubuntu18.04noarchsamba< 2:4.7.6+dfsg~ubuntu-0ubuntu2.26UNKNOWN
ubuntu20.04noarchsamba< 2:4.13.14+dfsg-0ubuntu0.20.04.1UNKNOWN
ubuntu21.04noarchsamba< 2:4.13.14+dfsg-0ubuntu0.21.04.1UNKNOWN
ubuntu14.04noarchsamba< anyUNKNOWN
Rows per page:
1-10 of 141

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

76.5%