Date: Tue, 11 Oct 2022 05:33:22 GMT From: Yasuhiro Kimura <yasu@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 1466545bbf99 - main - security/vuxml: Document multiple vulnerabilities in Samba Message-ID: <202210110533.29B5XM5I080060@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by yasu: URL: https://cgit.FreeBSD.org/ports/commit/?id=1466545bbf99ac0e99cc76cdcd04630f603f7f82 commit 1466545bbf99ac0e99cc76cdcd04630f603f7f82 Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2022-10-11 05:17:10 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2022-10-11 05:26:58 +0000 security/vuxml: Document multiple vulnerabilities in Samba --- security/vuxml/vuln-2022.xml | 76 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 87c5b48d1f01..b95b7613d895 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,79 @@ + <vuln vid="f9140ad4-4920-11ed-a07e-080027f5fec9"> + <topic>samba -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>samba412</name> + <range><lt>4.12.16</lt></range> + </package> + <package> + <name>samba413</name> + <range><lt>4.13.17_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>The Samba Team reports:</p> + <blockquote cite="https://lists.samba.org/archive/samba-announce/2022/000609.html">; + <dl> + <dt>CVE-2022-2031</dt> + <dd> + The KDC and the kpasswd service share a single account + and set of keys, allowing them to decrypt each other's + tickets. A user who has been requested to change their + password can exploit this to obtain and use tickets to + other services. + </dd> + <dt>CVE-2022-32744</dt> + <dd> + The KDC accepts kpasswd requests encrypted with any key + known to it. By encrypting forged kpasswd requests with + its own key, a user can change the passwords of other + users, enabling full domain takeover. + </dd> + <dt>CVE-2022-32745</dt> + <dd> + Samba AD users can cause the server to access + uninitialised data with an LDAP add or modify request, + usually resulting in a segmentation fault. + </dd> + <dt>CVE-2022-32746</dt> + <dd> + The AD DC database audit logging module can be made to + access LDAP message values that have been freed by a + preceding database module, resulting in a + use-after-free. This is only possible when modifying + certain privileged attributes, such as + userAccountControl. + </dd> + <dt>CVE-2022-32742</dt> + <dd> + SMB1 Client with write access to a share can cause + server memory contents to be written into a file or + printer. + </dd> + </dl> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-2031</cvename> + <cvename>CVE-2022-32744</cvename> + <cvename>CVE-2022-32745</cvename> + <cvename>CVE-2022-32746</cvename> + <cvename>CVE-2022-32742</cvename> + <url>https://lists.samba.org/archive/samba-announce/2022/000609.html</url>; + <url>https://www.samba.org/samba/security/CVE-2022-2031.html</url>; + <url>https://www.samba.org/samba/security/CVE-2022-32744.html</url>; + <url>https://www.samba.org/samba/security/CVE-2022-32745.html</url>; + <url>https://www.samba.org/samba/security/CVE-2022-32746.html</url>; + <url>https://www.samba.org/samba/security/CVE-2022-32742.html</url>; + </references> + <dates> + <discovery>2022-07-27</discovery> + <entry>2022-10-11</entry> + </dates> + </vuln> + <vuln vid="0ae56f3e-488c-11ed-bb31-b42e99a1b9c3"> <topic>strongswan -- DOS attack vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202210110533.29B5XM5I080060>