Описание
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:4.4.5+dfsg-2ubuntu7 |
| esm-infra-legacy/trusty | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.4 |
| esm-infra/xenial | not-affected | 2:4.3.11+dfsg-0ubuntu0.16.04.3 |
| precise | released | 2:3.6.25-0ubuntu0.12.04.5 |
| precise/esm | not-affected | 2:3.6.25-0ubuntu0.12.04.5 |
| trusty | released | 2:4.3.11+dfsg-0ubuntu0.14.04.4 |
| trusty/esm | not-affected | 2:4.3.11+dfsg-0ubuntu0.14.04.4 |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | DNE |
Показывать по
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always re ...
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3