PT-2023-3678 · Samba+9 · Samba+9

Tej Rathi

·

Publicado

2023-07-19

·

Atualizado

2024-11-15

·

CVE-2022-2127

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Samba (affected versions not specified)
Description The issue is related to an out-of-bounds read vulnerability in Samba due to insufficient length checks in the winbindd pam auth crap.c component. This vulnerability can be exploited when performing NTLM authentication, as the client replies to cryptographic challenges back to the server with variable lengths, and Winbind fails to check the lan manager response length. A maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALSA-2023:6667
ALSA-2023:7139
ALT-PU-2023-4520
ALT-PU-2023-4522
ALT-PU-2023-4523
ALT-PU-2023-7794
ALT-PU-2024-12484
ALT-PU-2024-14683
AZL-44029
AZL-44625
BDU:2023-03963
CESA-2023_7139
CVE-2022-2127
DLA-3792-1
DSA-5477-1
DSA-5647-1
ECHO-2CC5-1364-3F20
MGASA-2023-0247
OESA-2023-1449
OESA-2023-1450
OESA-2023-1451
OESA-2023-1452
OESA-2023-1453
OPENSUSE-SU-2023_3358-1
OPENSUSE-SU-2024:13071-1
RHSA-2023:6667
RHSA-2023:7139
RHSA-2023_6667
RHSA-2023_7139
RHSA-2024:0423
RHSA-2024:0580
SUSE-SU-2023:2887-1
SUSE-SU-2023:2888-1
SUSE-SU-2023:2929-1
SUSE-SU-2023:2930-1
SUSE-SU-2023:3017-1
SUSE-SU-2023:3060-1
SUSE-SU-2023:3066-1
SUSE-SU-2023:3358-1
SUSE-SU-2023_2887-1
SUSE-SU-2023_2888-1
SUSE-SU-2023_2929-1
SUSE-SU-2023_2930-1
SUSE-SU-2023_3017-1
SUSE-SU-2023_3060-1
SUSE-SU-2023_3358-1
USN-6238-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Samba
Suse
Ubuntu