Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2022-3437

Published: 12/01/2023 Updated: 22/04/2024
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Samba

Vulnerability Summary

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

samba samba

fedoraproject fedora 36

fedoraproject fedora 37

Vendor Advisories

Debian CVElist Bug Report Logs: heimdal: CVE-2022-44640 CVE-2022-42898 CVE-2022-3437 CVE-2021-44758
Debian Bug report logs - #1024187 heimdal: CVE-2022-44640 CVE-2022-42898 CVE-2022-3437 CVE-2021-44758 Package: src:heimdal; Maintainer for src:heimdal is Brian May <bam@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 15 Nov 2022 21:30:02 UTC Severity: grave Tags: security, upstream Foun ...
Ubuntu Security Notice: USN-5822-1: Samba vulnerabilities
Several security issues were fixed in Samba ...
Ubuntu Security Notice: USN-5800-1: Heimdal vulnerabilities
Several security issues were fixed in Heimdal ...
Debian Security Advisories: DSA-5344-1 heimdal -- security update
Helmut Grohne discovered a flaw in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos The backports of fixes for CVE-2022-3437 accidentally inverted important memory comparisons in the arcfour-hmac-md5 and rc4-hmac integrity check handlers for gssapi, resulting in incorrect validation of message integrity codes ...
Debian Security Advisories: DSA-5287-1 heimdal -- security update
Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos CVE-2021-3671 Joseph Sutton discovered that the Heimdal KDC does not validate that the server name in the TGS-REQ is present before dereferencing, which may result in denial of service CVE-2021-44758 It ...
Red Hat:
Description<!----> This CVE is under investigation by Red Hat Product Security ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-2828 samba 4174-4 4175-1 Unknown Fixed ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/0600b443ff4393d097c485fbc8d3ed3b
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-122https://www.samba.org/samba/security/CVE-2022-3437.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=2137774https://access.redhat.com/security/cve/CVE-2022-3437http://www.openwall.com/lists/oss-security/2023/02/08/1https://security.netapp.com/advisory/ntap-20230216-0008/https://security.gentoo.org/glsa/202309-06https://security.gentoo.org/glsa/202310-06https://lists.debian.org/debian-lts-announce/2024/04/msg00015.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187https://ubuntu.com/security/notices/USN-5822-1https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook