rpm package

opensuse/samba&distro=openSUSE Leap Micro 5.2

pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%20Micro%205.2

Vulnerabilities (13)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-20251	—	< 4.15.13+git.591.ab36624310c-150300.3.49.1	4.15.13+git.591.ab36624310c-150300.3.49.1	Mar 6, 2023	A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
CVE-2022-3437	—	< 4.15.12+git.535.7750e5c95ef-150300.3.43.1	4.15.12+git.535.7750e5c95ef-150300.3.43.1	Jan 12, 2023	A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w
CVE-2022-42898	—	< 4.15.12+git.535.7750e5c95ef-150300.3.43.1	4.15.12+git.535.7750e5c95ef-150300.3.43.1	Dec 25, 2022	PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cau
CVE-2022-38023	—	< 4.15.13+git.540.fab3b2a46c6-150300.3.46.1	4.15.13+git.540.fab3b2a46c6-150300.3.46.1	Nov 9, 2022	Netlogon RPC Elevation of Privilege Vulnerability
CVE-2022-37967	—	< 4.15.13+git.540.fab3b2a46c6-150300.3.46.1	4.15.13+git.540.fab3b2a46c6-150300.3.46.1	Nov 9, 2022	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-37966	—	< 4.15.13+git.540.fab3b2a46c6-150300.3.46.1	4.15.13+git.540.fab3b2a46c6-150300.3.46.1	Nov 9, 2022	Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVE-2022-32743	—	< 4.15.8+git.527.8d0c05d313e-150300.3.40.2	4.15.8+git.527.8d0c05d313e-150300.3.40.2	Sep 1, 2022	Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
CVE-2022-1615	—	< 4.15.8+git.527.8d0c05d313e-150300.3.40.2	4.15.8+git.527.8d0c05d313e-150300.3.40.2	Sep 1, 2022	In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
CVE-2022-32746	—	< 4.15.8+git.500.d5910280cc7-150300.3.37.1	4.15.8+git.500.d5910280cc7-150300.3.37.1	Aug 25, 2022	A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAc
CVE-2022-32745	—	< 4.15.8+git.500.d5910280cc7-150300.3.37.1	4.15.8+git.500.d5910280cc7-150300.3.37.1	Aug 25, 2022	A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
CVE-2022-32744	—	< 4.15.8+git.500.d5910280cc7-150300.3.37.1	4.15.8+git.500.d5910280cc7-150300.3.37.1	Aug 25, 2022	A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.
CVE-2022-32742	—	< 4.15.8+git.500.d5910280cc7-150300.3.37.1	4.15.8+git.500.d5910280cc7-150300.3.37.1	Aug 25, 2022	A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control
CVE-2022-2031	—	< 4.15.8+git.500.d5910280cc7-150300.3.37.1	4.15.8+git.500.d5910280cc7-150300.3.37.1	Aug 25, 2022	A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tic

CVE-2021-20251Mar 6, 2023
affected < 4.15.13+git.591.ab36624310c-150300.3.49.1fixed 4.15.13+git.591.ab36624310c-150300.3.49.1
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
CVE-2022-3437Jan 12, 2023
affected < 4.15.12+git.535.7750e5c95ef-150300.3.43.1fixed 4.15.12+git.535.7750e5c95ef-150300.3.43.1
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w
CVE-2022-42898Dec 25, 2022
affected < 4.15.12+git.535.7750e5c95ef-150300.3.43.1fixed 4.15.12+git.535.7750e5c95ef-150300.3.43.1
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cau
CVE-2022-38023Nov 9, 2022
affected < 4.15.13+git.540.fab3b2a46c6-150300.3.46.1fixed 4.15.13+git.540.fab3b2a46c6-150300.3.46.1
Netlogon RPC Elevation of Privilege Vulnerability
CVE-2022-37967Nov 9, 2022
affected < 4.15.13+git.540.fab3b2a46c6-150300.3.46.1fixed 4.15.13+git.540.fab3b2a46c6-150300.3.46.1
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-37966Nov 9, 2022
affected < 4.15.13+git.540.fab3b2a46c6-150300.3.46.1fixed 4.15.13+git.540.fab3b2a46c6-150300.3.46.1
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVE-2022-32743Sep 1, 2022
affected < 4.15.8+git.527.8d0c05d313e-150300.3.40.2fixed 4.15.8+git.527.8d0c05d313e-150300.3.40.2
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
CVE-2022-1615Sep 1, 2022
affected < 4.15.8+git.527.8d0c05d313e-150300.3.40.2fixed 4.15.8+git.527.8d0c05d313e-150300.3.40.2
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
CVE-2022-32746Aug 25, 2022
affected < 4.15.8+git.500.d5910280cc7-150300.3.37.1fixed 4.15.8+git.500.d5910280cc7-150300.3.37.1
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAc
CVE-2022-32745Aug 25, 2022
affected < 4.15.8+git.500.d5910280cc7-150300.3.37.1fixed 4.15.8+git.500.d5910280cc7-150300.3.37.1
A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
CVE-2022-32744Aug 25, 2022
affected < 4.15.8+git.500.d5910280cc7-150300.3.37.1fixed 4.15.8+git.500.d5910280cc7-150300.3.37.1
A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.
CVE-2022-32742Aug 25, 2022
affected < 4.15.8+git.500.d5910280cc7-150300.3.37.1fixed 4.15.8+git.500.d5910280cc7-150300.3.37.1
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control
CVE-2022-2031Aug 25, 2022
affected < 4.15.8+git.500.d5910280cc7-150300.3.37.1fixed 4.15.8+git.500.d5910280cc7-150300.3.37.1
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tic