Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-32744

Опубликовано: 25 авг. 2022
Источник: debian

Описание

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sambafixed2:4.16.4+dfsg-1package
sambaignoredbusterpackage

Примечания

  • https://www.samba.org/samba/security/CVE-2022-32744.html

Связанные уязвимости

ubuntu логотип

CVE-2022-32744

CVSS3: 8.8
ubuntu
почти 3 года назад

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

redhat логотип

CVE-2022-32744

CVSS3: 8.8
redhat
почти 3 года назад

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

nvd логотип

CVE-2022-32744

CVSS3: 8.8
nvd
почти 3 года назад

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

msrc логотип

CVE-2022-32744

CVSS3: 8.8
msrc
8 месяцев назад

Описание отсутствует

github логотип

GHSA-6p44-5x7x-8vxj

CVSS3: 8.8
github
почти 3 года назад

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.