all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-5822-1: Samba vulnerabilities

Add to bookmarks
Jan. 24, 2023, 12:58 p.m. |

Ubuntu security notices ubuntu.com

It was discovered that Samba incorrectly handled the bad password count
logic. A remote attacker could possibly use this issue to bypass bad
passwords lockouts. This issue was only addressed in Ubuntu 22.10.
(CVE-2021-20251)

Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)

Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos
keys. A …

bad bad passwords bypass crash cve denial of service issue logic password passwords rc4 samba service ubuntu usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6770-1: Fossil regression 10 hours ago | ubuntu.com
apache discovery fixes handling +9
USN-6769-1: Spreadsheet::ParseXLSX vulnerabilities 12 hours ago | ubuntu.com
attacker configuration cve cve-2024 +14
USN-6768-1: GLib vulnerability 15 hours ago | ubuntu.com
attacker bus d-bus escalation +10
USN-6767-1: Linux kernel vulnerabilities 2 days, 9 hours ago | ubuntu.com
attacker compromise crash cve +19
USN-6766-1: Linux kernel vulnerabilities 2 days, 9 hours ago | ubuntu.com
action attacker conditions crash +19
USN-6765-1: Linux kernel (OEM) vulnerabilities 2 days, 13 hours ago | ubuntu.com
attacker crash cve data +15
USN-6764-1: libde265 vulnerability 2 days, 13 hours ago | ubuntu.com
attacker automated denial of service file +7
USN-6754-2: nghttp2 vulnerability 2 days, 13 hours ago | ubuntu.com
advisory attacker denial of service http +11
USN-6763-1: libvirt vulnerability 2 days, 17 hours ago | ubuntu.com
access attacker authorization issue +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

C003561 On-line Vulnerability Assessment (OVA) Tool Manager (CTS) - WED 22 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Engineer - IT Security Compliance

@ Tiffany & Co. | Parsippany, NJ, United States
View on infosec-jobs.com

Senior Restricted Research Compliance Specialist

@ University of Cincinnati | Cincinnati, OH, US
View on infosec-jobs.com

Senior Manager of Security Engineering - Employee Compute

@ JPMorgan Chase & Co. | Houston, TX, United States
View on infosec-jobs.com

Incident Response Analyst

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com

Application Security Penetration Tester

@ Vodeno | Poland (remote)
View on infosec-jobs.com
View more jobs