Описание
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 2:4.17.3+dfsg-3ubuntu2 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | released | 2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1 |
| esm-infra/focal | released | 2:4.15.13+dfsg-0ubuntu0.20.04.1 |
| esm-infra/xenial | released | 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2 |
| focal | released | 2:4.15.13+dfsg-0ubuntu0.20.04.1 |
| jammy | released | 2:4.15.13+dfsg-0ubuntu1 |
| kinetic | not-affected | 2:4.16.4+dfsg-2ubuntu1 |
| lunar | not-affected | 2:4.17.3+dfsg-3ubuntu2 |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerabili ...
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
EPSS
9.8 Critical
CVSS3