PT-2023-2255 · Samba+4 · Samba+4

Lukas Mitter

Publicado

2023-03-29

Atualizado

2024-09-23

CVE-2023-0225

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)

Description A flaw was found in Samba, related to an incomplete access check on dnsHostName, allowing authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. This issue is associated with incorrect permission assignment for a critical resource, which can be exploited by an attacker to delete the dnsHostName attribute from any object in the directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

ALT-PU-2023-1808

ALT-PU-2023-7794

ALT-PU-2024-12484

AZL-43621

AZL-45378

BDU:2023-02013

CVE-2023-0225

ECHO-C3EA-A3B3-43D9

MGASA-2023-0127

OESA-2023-1233

OPENSUSE-SU-2024:12831-1

SUSE-SU-2023:1687-1

SUSE-SU-2023:1689-1

Produtos afetados

Alt Linux

Astra Linux

Debian

Samba

Suse

PT-2023-2255 · Samba+4 · Samba+4

CVE-2023-0225

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 49