Описание
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 2:4.13.14+dfsg-0ubuntu1 |
| esm-infra-legacy/trusty | ignored | changes too intrusive |
| esm-infra/bionic | ignored | changes too intrusive |
| esm-infra/focal | released | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
| esm-infra/xenial | ignored | changes too intrusive |
| focal | released | 2:4.13.14+dfsg-0ubuntu0.20.04.1 |
| hirsute | released | 2:4.13.14+dfsg-0ubuntu0.21.04.1 |
| impish | released | 2:4.13.14+dfsg-0ubuntu0.21.10.1 |
| jammy | released | 2:4.13.14+dfsg-0ubuntu1 |
Показывать по
EPSS
9 Critical
CVSS2
7.2 High
CVSS3
Связанные уязвимости
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
A flaw was found in the way Samba, as an Active Directory Domain Contr ...
EPSS
9 Critical
CVSS2
7.2 High
CVSS3