Описание
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
Релиз | Статус | Примечание |
---|---|---|
bionic | ignored | end of standard support |
devel | released | 2:4.13.14+dfsg-0ubuntu1 |
esm-infra-legacy/trusty | ignored | changes too intrusive |
esm-infra/bionic | ignored | changes too intrusive |
esm-infra/focal | not-affected | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
esm-infra/xenial | ignored | changes too intrusive |
focal | released | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
hirsute | released | 2:4.13.14+dfsg-0ubuntu0.21.04.1 |
impish | released | 2:4.13.14+dfsg-0ubuntu0.21.10.1 |
jammy | released | 2:4.13.14+dfsg-0ubuntu1 |
Показывать по
9 Critical
CVSS2
7.2 High
CVSS3
Связанные уязвимости
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Contr ...
9 Critical
CVSS2
7.2 High
CVSS3