CVE-2022-32744

Published: 25/08/2022 Updated: 17/09/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.

Vulnerable Product

samba samba

Vendor Advisories

Debian Bug report logs - #1016449 samba: CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 Package: src:samba; Maintainer for src:samba is Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 31 Jul 2022 19:42:02 UT ...
Several security issues were fixed in Samba ...
Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. CVE-2022-2031: Luke Howard reported that Samba AD users can bypass certain restrictions associated with changing passwords. A user who has been requested to change their password can exploit this to obtain and use tickets to oth ...
A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover (CVE-2022-32744) ...
It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tampering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user (CVE-2020-17049). A flaw was found in Samba. Some ...
Severity Unknown Remote Unknown Type Unknown Description AVG-2782 samba 4163-1 4164-1 Unknown Fixed ...
ALAS-2022-213 Amazon Linux 2022 Security Advisory: ALAS-2022-213 Advisory Release Date: 2022-12-06 16:41 Pacific ...