Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 187 results


CVE-2021-23192

Medium priority
Fixed

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Not affected Not affected
Show less packages

CVE-2020-25722

Medium priority

Some fixes available 10 of 12

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2020-25721

Medium priority

Some fixes available 6 of 9

Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Ignored Ignored
Show less packages

CVE-2020-25719

Medium priority

Some fixes available 6 of 9

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Ignored Ignored
Show less packages

CVE-2020-25718

Medium priority

Some fixes available 6 of 9

A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC (read-only domain controller). This would allow an RODC to print administrator tickets.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Ignored Ignored
Show less packages

CVE-2020-25717

Medium priority

Some fixes available 10 of 12

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2016-2124

Medium priority

Some fixes available 10 of 12

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2021-3671

Low priority

Some fixes available 14 of 18

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

2 affected packages

heimdal, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected Not affected Fixed Fixed Fixed
samba Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2021-20254

Medium priority
Fixed

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed
Show less packages

CVE-2021-20277

High priority
Fixed

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from...

2 affected packages

ldb, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ldb Fixed Fixed Fixed
samba Not affected Not affected Not affected
Show less packages