Описание
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
A flaw was found in samba that validates the domain name system's host name. This issue links a trailing $ to objectclass=computer, which helps avoid the creation of SPN values that collide with other, possibly privileged hosts.
Отчет
This security issue only affects the Samba Active Directory support. We do not ship this in RHEL; thus, it is not affected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | samba | Out of support scope | ||
| Red Hat Enterprise Linux 8 | samba | Not affected | ||
| Red Hat Enterprise Linux 9 | samba | Not affected | ||
| Red Hat Storage 3 | samba | Under investigation |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
Samba does not validate the Validated-DNS-Host-Name right for the dNSH ...
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
EPSS
7.5 High
CVSS3