Categories
Audio Sources - Full Text Articles

Samba addressed multiple high-severity vulnerabilities

Listen to this article

Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems.

Samba released updates to address multiple vulnerabilities, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, that can be exploited to take control of impacted systems.

On December 15, 2022, Samba announced the 4.17.4, 4.16.8 and 4.15.13 security releases to address the above issues.

Samba is a free software re-implementation of the SMB networking protocol that provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. The software runs on most Unix-like systems, such as Linux, Solaris, AIX and the BSD variants, including Apple’s macOS Server, and macOS client (Mac OS X 10.2 and greater).

  • CVE-2022-38023 – The “RC4” protection of the NetLogon Secure channel uses the same algorithms as rc4-hmac cryptography in Kerberos, and so must also be assumed to be weak.
  • CVE-2022-37966 – This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022.
  • CVE-2022-37967 – An elevation of privilege vulnerability in Windows Kerberos.
  • CVE-2022-45141 – Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, privilege escalation)

The post Samba addressed multiple high-severity vulnerabilities appeared first on Security Affairs.