Test ID: 1.3.6.1.4.1.25623.1.0.104475
Category: Privilege escalation
Title: Samba Elevation of Privilege Vulnerability (CVE-2022-45141)
Summary: Samba is prone to an elevation of privilege vulnerability.
Description:
Summary:
Samba is prone to an elevation of privilege vulnerability.

Vulnerability Insight:
Kerberos, the trusted third-party authentication system at the heart of Active Directory,
issues a ticket encrypted with a key known to the target server but to nobody else, and returns
it to the client in a TGS-REP.

This key needs to be of a type understood only by the KDC and the target server.

However, due to a coding error subsequently addressed in all recent Heimdal versions, and so
fixed in Samba 4.16 (which imports Heimdal 8.0pre), an attacking client was given the opportunity
to select the encryption type, and could thereby obtain a ticket encrypted with rc4-hmac that it
could attack offline.

This is possible unless rc4-hmac is removed entirely from the server's account by removing the
unicodePwd attribute, but doing so breaks other aspects of the server's operation in the domain
(NETLOGON in particular).

Affected Software/OS:
Samba versions prior to 4.15.13.

Solution:
Update to version 4.15.13, 4.16.0 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Reference: Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-45141
https://security.gentoo.org/glsa/202309-06
https://www.samba.org/samba/security/CVE-2022-45141.html
Copyright: Copyright (C) 2022 Greenbone Networks GmbH

© 1998-2025 E-Soft Inc. All rights reserved.