Search CVE reports
41 – 50 of 187 results
CVE-2021-23192
Medium priorityA flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the...
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | — | Fixed | Fixed | Not affected | Not affected |
CVE-2020-25722
Medium prioritySome fixes available 10 of 12
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2020-25721
Medium prioritySome fixes available 6 of 9
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | — | Fixed | Fixed | Ignored | Ignored |
CVE-2020-25719
Medium prioritySome fixes available 6 of 9
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require...
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | — | Fixed | Fixed | Ignored | Ignored |
CVE-2020-25718
Medium prioritySome fixes available 6 of 9
A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | — | Fixed | Fixed | Ignored | Ignored |
CVE-2020-25717
Medium prioritySome fixes available 10 of 12
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2016-2124
Medium prioritySome fixes available 10 of 12
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2021-3671
Low prioritySome fixes available 14 of 18
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
2 affected packages
heimdal, samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
heimdal | Not affected | Not affected | Fixed | Fixed | Fixed |
samba | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2021-20254
Medium priorityA flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the...
1 affected package
samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
samba | — | — | Fixed | Fixed | Fixed |
CVE-2021-20277
High priorityA flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from...
2 affected packages
ldb, samba
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ldb | — | — | Fixed | Fixed | Fixed |
samba | — | — | Not affected | Not affected | Not affected |