rpm package
suse/samba&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (47)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4091 | — | < 4.15.13+git.625.ac658f2f12-3.88.1 | 4.15.13+git.625.ac658f2f12-3.88.1 | Nov 3, 2023 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client reque | ||
| CVE-2023-34968 | — | < 4.15.13+git.621.c8ae836ff82-3.85.1 | 4.15.13+git.621.c8ae836ff82-3.85.1 | Jul 20, 2023 | A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request | ||
| CVE-2023-34967 | — | < 4.15.13+git.621.c8ae836ff82-3.85.1 | 4.15.13+git.621.c8ae836ff82-3.85.1 | Jul 20, 2023 | A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in th | ||
| CVE-2023-34966 | — | < 4.15.13+git.621.c8ae836ff82-3.85.1 | 4.15.13+git.621.c8ae836ff82-3.85.1 | Jul 20, 2023 | An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements | ||
| CVE-2022-2127 | — | < 4.15.13+git.621.c8ae836ff82-3.85.1 | 4.15.13+git.621.c8ae836ff82-3.85.1 | Jul 20, 2023 | An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to | ||
| CVE-2023-0922 | — | < 4.15.13+git.594.449ec4a79a1-3.80.1 | 4.15.13+git.594.449ec4a79a1-3.80.1 | Apr 3, 2023 | The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | ||
| CVE-2021-20251 | — | < 4.15.13+git.534.0d9f8ece26-3.77.1 | 4.15.13+git.534.0d9f8ece26-3.77.1 | Mar 6, 2023 | A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | ||
| CVE-2022-3437 | — | < 4.15.13+git.482.1ac2c665c7-3.74.1 | 4.15.13+git.482.1ac2c665c7-3.74.1 | Jan 12, 2023 | A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w | ||
| CVE-2022-42898 | — | < 4.15.13+git.482.1ac2c665c7-3.74.1 | 4.15.13+git.482.1ac2c665c7-3.74.1 | Dec 25, 2022 | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cau | ||
| CVE-2022-38023 | — | < 4.15.13+git.482.1ac2c665c7-3.74.1 | 4.15.13+git.482.1ac2c665c7-3.74.1 | Nov 9, 2022 | Netlogon RPC Elevation of Privilege Vulnerability | ||
| CVE-2022-37966 | — | < 4.15.13+git.534.0d9f8ece26-3.77.1 | 4.15.13+git.534.0d9f8ece26-3.77.1 | Nov 9, 2022 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | ||
| CVE-2022-1615 | — | < 4.15.8+git.473.1a1018e0a0b-3.71.2 | 4.15.8+git.473.1a1018e0a0b-3.71.2 | Sep 1, 2022 | In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. | ||
| CVE-2022-0336 | — | < 4.15.4+git.324.8332acf1a63-3.54.1 | 4.15.4+git.324.8332acf1a63-3.54.1 | Aug 29, 2022 | The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on tha | ||
| CVE-2022-32746 | — | < 4.15.8+git.462.e73f4310487-3.68.1 | 4.15.8+git.462.e73f4310487-3.68.1 | Aug 25, 2022 | A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAc | ||
| CVE-2022-32745 | — | < 4.15.8+git.462.e73f4310487-3.68.1 | 4.15.8+git.462.e73f4310487-3.68.1 | Aug 25, 2022 | A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault. | ||
| CVE-2022-32744 | — | < 4.15.8+git.462.e73f4310487-3.68.1 | 4.15.8+git.462.e73f4310487-3.68.1 | Aug 25, 2022 | A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover. | ||
| CVE-2022-32742 | — | < 4.15.8+git.462.e73f4310487-3.68.1 | 4.15.8+git.462.e73f4310487-3.68.1 | Aug 25, 2022 | A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control | ||
| CVE-2022-2031 | — | < 4.15.8+git.462.e73f4310487-3.68.1 | 4.15.8+git.462.e73f4310487-3.68.1 | Aug 25, 2022 | A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tic | ||
| CVE-2021-20316 | — | < 4.15.4+git.324.8332acf1a63-3.54.1 | 4.15.4+git.324.8332acf1a63-3.54.1 | Aug 23, 2022 | A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. | ||
| CVE-2020-25721 | — | < 4.15.4+git.324.8332acf1a63-3.54.1 | 4.15.4+git.324.8332acf1a63-3.54.1 | Mar 16, 2022 | Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets. |
- CVE-2023-4091Nov 3, 2023affected < 4.15.13+git.625.ac658f2f12-3.88.1fixed 4.15.13+git.625.ac658f2f12-3.88.1
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client reque
- CVE-2023-34968Jul 20, 2023affected < 4.15.13+git.621.c8ae836ff82-3.85.1fixed 4.15.13+git.621.c8ae836ff82-3.85.1
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request
- CVE-2023-34967Jul 20, 2023affected < 4.15.13+git.621.c8ae836ff82-3.85.1fixed 4.15.13+git.621.c8ae836ff82-3.85.1
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in th
- CVE-2023-34966Jul 20, 2023affected < 4.15.13+git.621.c8ae836ff82-3.85.1fixed 4.15.13+git.621.c8ae836ff82-3.85.1
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements
- CVE-2022-2127Jul 20, 2023affected < 4.15.13+git.621.c8ae836ff82-3.85.1fixed 4.15.13+git.621.c8ae836ff82-3.85.1
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to
- CVE-2023-0922Apr 3, 2023affected < 4.15.13+git.594.449ec4a79a1-3.80.1fixed 4.15.13+git.594.449ec4a79a1-3.80.1
The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.
- CVE-2021-20251Mar 6, 2023affected < 4.15.13+git.534.0d9f8ece26-3.77.1fixed 4.15.13+git.534.0d9f8ece26-3.77.1
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
- CVE-2022-3437Jan 12, 2023affected < 4.15.13+git.482.1ac2c665c7-3.74.1fixed 4.15.13+git.482.1ac2c665c7-3.74.1
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory w
- CVE-2022-42898Dec 25, 2022affected < 4.15.13+git.482.1ac2c665c7-3.74.1fixed 4.15.13+git.482.1ac2c665c7-3.74.1
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cau
- CVE-2022-38023Nov 9, 2022affected < 4.15.13+git.482.1ac2c665c7-3.74.1fixed 4.15.13+git.482.1ac2c665c7-3.74.1
Netlogon RPC Elevation of Privilege Vulnerability
- CVE-2022-37966Nov 9, 2022affected < 4.15.13+git.534.0d9f8ece26-3.77.1fixed 4.15.13+git.534.0d9f8ece26-3.77.1
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
- CVE-2022-1615Sep 1, 2022affected < 4.15.8+git.473.1a1018e0a0b-3.71.2fixed 4.15.8+git.473.1a1018e0a0b-3.71.2
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
- CVE-2022-0336Aug 29, 2022affected < 4.15.4+git.324.8332acf1a63-3.54.1fixed 4.15.4+git.324.8332acf1a63-3.54.1
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on tha
- CVE-2022-32746Aug 25, 2022affected < 4.15.8+git.462.e73f4310487-3.68.1fixed 4.15.8+git.462.e73f4310487-3.68.1
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAc
- CVE-2022-32745Aug 25, 2022affected < 4.15.8+git.462.e73f4310487-3.68.1fixed 4.15.8+git.462.e73f4310487-3.68.1
A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.
- CVE-2022-32744Aug 25, 2022affected < 4.15.8+git.462.e73f4310487-3.68.1fixed 4.15.8+git.462.e73f4310487-3.68.1
A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.
- CVE-2022-32742Aug 25, 2022affected < 4.15.8+git.462.e73f4310487-3.68.1fixed 4.15.8+git.462.e73f4310487-3.68.1
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control
- CVE-2022-2031Aug 25, 2022affected < 4.15.8+git.462.e73f4310487-3.68.1fixed 4.15.8+git.462.e73f4310487-3.68.1
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tic
- CVE-2021-20316Aug 23, 2022affected < 4.15.4+git.324.8332acf1a63-3.54.1fixed 4.15.4+git.324.8332acf1a63-3.54.1
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
- CVE-2020-25721Mar 16, 2022affected < 4.15.4+git.324.8332acf1a63-3.54.1fixed 4.15.4+git.324.8332acf1a63-3.54.1
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
Page 1 of 3