Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-0336

Published: 29/08/2022 Updated: 17/09/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Samba

Vulnerability Summary

The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

samba samba

fedoraproject fedora 34

fedoraproject fedora 35

Vendor Advisories

Debian CVElist Bug Report Logs: samba: CVE-2022-0336
Debian Bug report logs - #1004694 samba: CVE-2022-0336 Package: src:samba; Maintainer for src:samba is Debian Samba Maintainers <pkg-samba-maint@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 31 Jan 2022 20:06:01 UTC Severity: grave Tags: security, upstream Found in versio ...
Ubuntu Security Notice: USN-5260-1: Samba vulnerabilities
Several security issues were fixed in Samba ...
Debian Security Advisories: DSA-5071-1 samba -- security update
Several vulnerabilities were discovered in Samba, a SMB/CIFS file, print, and login server for Unix CVE-2021-44142 Orange Tsai reported an out-of-bounds heap write vulnerability in the VFS module vfs_fruit, which could result in remote execution of arbitrary code as root CVE-2022-0336 Kees van Vloten reported that Samba AD users ...
Arch Linux Issues:
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain ...
Amazon Linux 2022: ALAS2022-2022-022
A flaw was found in the way samba implemented SMB1 authentication An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required (CVE-2016-2124) A flaw was found in the way Samba maps domain users to local users An authenticated attacker could use this flaw to cause possible pri ...
Amazon Linux 2022: ALAS-2022-224
ALAS-2022-224 Amazon Linux 2022 Security Advisory: ALAS-2022-224 Advisory Release Date: 2022-12-06 16:42 Pacific ...

References

CWE-276https://www.samba.org/samba/security/CVE-2022-0336.htmlhttps://access.redhat.com/security/cve/CVE-2022-0336https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3chttps://bugzilla.redhat.com/show_bug.cgi?id=2046134https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400https://bugzilla.samba.org/show_bug.cgi?id=14950https://security.gentoo.org/glsa/202309-06https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5260-1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook