Описание
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
Ссылки
- Issue TrackingPatchThird Party Advisory
- MitigationVendor Advisory
- Issue TrackingPatchThird Party Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
Одно из
Одно из
EPSS
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Contr ...
EPSS
7.2 High
CVSS3
9 Critical
CVSS2