A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
samba samba |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 21.04 |
||
canonical ubuntu linux 21.10 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux for scientific computing 7.0 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux for power little endian 7.0 |
||
redhat enterprise linux for power big endian 7.0 |
||
redhat enterprise linux for ibm z systems 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux eus 8.2 |
||
redhat enterprise linux server tus 8.2 |
||
redhat enterprise linux server aus 8.2 |
||
redhat enterprise linux server tus 8.4 |
||
redhat enterprise linux eus 8.4 |
||
redhat enterprise linux server aus 8.4 |
||
redhat enterprise linux server update services for sap solutions 8.2 |
||
redhat enterprise linux server update services for sap solutions 8.4 |
||
redhat enterprise linux for power little endian eus 8.2 |
||
redhat enterprise linux for ibm z systems eus 8.2 |
||
redhat enterprise linux for power little endian 8.0 |
||
redhat enterprise linux for ibm z systems eus 8.4 |
||
redhat enterprise linux for ibm z systems 8.0 |
||
redhat enterprise linux for power little endian eus 8.4 |
Vulmon