Описание
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | samba | Not affected | ||
Red Hat Enterprise Linux 6 | samba4 | Not affected | ||
Red Hat Enterprise Linux 7 | samba | Not affected | ||
Red Hat Enterprise Linux 8 | samba | Not affected | ||
Red Hat Enterprise Linux 9 | ipa | Not affected | ||
Red Hat Enterprise Linux 9 | samba | Not affected | ||
Red Hat Storage 3 | samba | Not affected | ||
Red Hat Enterprise Linux 7 | ipa | Fixed | RHSA-2021:5195 | 16.12.2021 |
Red Hat Enterprise Linux 8 | idm | Fixed | RHSA-2021:5142 | 15.12.2021 |
Red Hat Enterprise Linux 8.2 Extended Update Support | idm | Fixed | RHSA-2022:0076 | 11.01.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.2 High
CVSS3
Связанные уязвимости
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Contr ...
EPSS
7.2 High
CVSS3