The Samba Team reports:
An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.

The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing.