CVE-2020-25722

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix CVE-2016-2124 Stefan Metzmacher reported that SMB1 client connections can be downgraded to plaintext authentication CVE-2020-25717 Andrew Bartlett reported that Samba may map domain users to local users in an undesired way, al ...

Andrew Bartlett discovered that Samba, a SMB/CIFS file, print, and login server for Unix, may map domain users to local users in an undesired way This could allow a user in an AD domain to potentially become root on domain members A new parameter min domain uid (default 1000) has been added to specify the minimum uid allowed when mapping a local ...

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data An attacker could use this flaw to cause total domain compromise ...

A security issue has been found in Samba versions 400 to 4151 At a number of points in the Samba AD DC per-attribute and schema based permission checks were not correctly implemented, allowing up to total domain compromise ...

A flaw was found in the way samba implemented SMB1 authentication An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required (CVE-2016-2124) A flaw was found in the way Samba maps domain users to local users An authenticated attacker could use this flaw to cause possible pri ...

ALAS-2022-224 Amazon Linux 2022 Security Advisory: ALAS-2022-224 Advisory Release Date: 2022-12-06 16:42 Pacific ...