Buffer overflow : Samba Buffer Overflow Vulnerability (CVE-2022-42898)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.104423

Categoría: Buffer overflow

Título: Samba Buffer Overflow Vulnerability (CVE-2022-42898)

Resumen: Samba is prone to a buffer overflow vulnerability.

Descripción: Summary:
Samba is prone to a buffer overflow vulnerability.

Vulnerability Insight:
Samba's Kerberos libraries and AD DC failed to guard against
integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged
PAC to corrupt the heap.

Affected Software/OS:
Samba versions prior to 4.15.12, 4.16.x prior to 4.16.7 and
4.17.x prior to 4.17.3 on 32-bit systems.

Solution:
Update to version 4.15.12, 4.16.7, 4.17.3 or later.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-42898
https://security.gentoo.org/glsa/202309-06
https://security.gentoo.org/glsa/202310-06
https://bugzilla.samba.org/show_bug.cgi?id=15203
https://web.mit.edu/kerberos/advisories/

Copyright Copyright (C) 2022 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.104423
Categoría:	Buffer overflow
Título:	Samba Buffer Overflow Vulnerability (CVE-2022-42898)
Resumen:	Samba is prone to a buffer overflow vulnerability.
Descripción:	Summary: Samba is prone to a buffer overflow vulnerability. Vulnerability Insight: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. Affected Software/OS: Samba versions prior to 4.15.12, 4.16.x prior to 4.16.7 and 4.17.x prior to 4.17.3 on 32-bit systems. Solution: Update to version 4.15.12, 4.16.7, 4.17.3 or later. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-42898 https://security.gentoo.org/glsa/202309-06 https://security.gentoo.org/glsa/202310-06 https://bugzilla.samba.org/show_bug.cgi?id=15203 https://web.mit.edu/kerberos/advisories/
Copyright	Copyright (C) 2022 Greenbone Networks GmbH