cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
Max CVSS
9.0
Published
2022-02-18
Updated
2023-09-17
EPSS
0.12%
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Max CVSS
8.5
Published
2022-02-18
Updated
2023-09-17
EPSS
0.10%
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Max CVSS
5.9
Published
2022-02-18
Updated
2023-09-17
EPSS
0.14%
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!