Msrc Cbl2 Samba 4.12.5-6 On Cbl Mariner 2.0 vulnerabilities

CVE-2018-14628 [MEDIUM] CWE-862 An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attribu An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. FAQ: Is Azure Linux the

CVE-2022-42898 [HIGH] CWE-190 PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC kadmind or a GSS or Kerberos application server) on PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC kadmind or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow)

CVE-2020-25717 [HIGH] CWE-20 A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main

CVE-2020-25719 [HIGH] CWE-362 A flaw was found in the way Samba as an Active Directory Domain Controller implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if i A flaw was found in the way Samba as an Active Directory Domain Controller implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs fou

CVE-2020-25722 [HIGH] CWE-863 Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affe

CVE-2020-25718 [HIGH] CWE-862 A flaw was found in the way samba as an Active Directory Domain Controller is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets. A flaw was found in the way samba as an Active Directory Domain Controller is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and

CVE-2016-2124 [MEDIUM] CWE-287 A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. FAQ: Is Azure Linux the only Microsoft product that includes this open

CVE-2020-27840 [HIGH] CWE-125 A flaw was found in samba. Spaces used in a string around a domain name (DN) while supposed to be ignored can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memor A flaw was found in samba. Spaces used in a string around a domain name (DN) while supposed to be ignored can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory resulting in a crash. The highest threat from this vulnerability is

CVE-2020-14383 [MEDIUM] CWE-391 A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server which also serves protocols other than dnsserver will be restarted after a A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server which also serves protocols other than dnsserver will be restarted after a short delay but it is easy for an authenticated non administrative

CVE-2020-14318 [MEDIUM] CWE-266 A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be un A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. FAQ: Is Azure Linux the only Microsoft

CVE-2020-14323 [MEDIUM] CWE-476 A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15 before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing d A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15 before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service. FAQ: Is Azure Linux the only Microsoft product t

CVE-2018-1057 [HIGH] CWE-863 On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' p On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords including administrative users and privileged service account

CVE-2018-1050 [MEDIUM] CWE-476 All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on s All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the pri