Search CVE reports
21 – 30 of 193 results
Some fixes available 16 of 24
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which...
3 affected packages
heimdal, samba, krb5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
heimdal | Vulnerable | Vulnerable | Fixed | Fixed |
samba | Not affected | Fixed | Fixed | Fixed |
krb5 | Not affected | Fixed | Fixed | Fixed |
Some fixes available 4 of 12
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
2 affected packages
heimdal, samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
heimdal | Vulnerable | Vulnerable | Fixed | Fixed |
samba | Not affected | Not affected | Not affected | Not affected |
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC 8429 it is assumed that rc4-hmac is weak, vulnerable Samba Active Directory DCs will issue...
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Not affected | Fixed | Fixed | Fixed |
Some fixes available 9 of 12
Netlogon RPC Elevation of Privilege Vulnerability
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Ignored |
Some fixes available 9 of 12
Windows Kerberos Elevation of Privilege Vulnerability
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Vulnerable |
Some fixes available 9 of 12
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Ignored |
Some fixes available 16 of 18
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited...
2 affected packages
heimdal, samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
heimdal | Not affected | Vulnerable | Fixed | Fixed |
samba | Fixed | Fixed | Fixed | Fixed |
Some fixes available 1 of 6
A flaw was found in Samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Not affected | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 4 of 12
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereference. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
2 affected packages
samba, heimdal
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Not affected | Not affected | Not affected | Not affected |
heimdal | Vulnerable | Vulnerable | Fixed | Fixed |
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
samba | Not affected | Vulnerable | Vulnerable | Vulnerable |