Risk | High |
Patch available | YES |
Number of vulnerabilities | 16 |
CVE-ID | CVE-2016-2124 CVE-2020-17049 CVE-2021-20316 CVE-2021-43566 CVE-2021-44141 CVE-2022-0336 CVE-2022-1615 CVE-2022-32742 CVE-2022-32743 CVE-2022-32746 CVE-2022-3437 CVE-2022-3592 CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-45141 |
CWE-ID | CWE-284 CWE-254 CWE-362 CWE-59 CWE-345 CWE-330 CWE-401 CWE-276 CWE-416 CWE-122 CWE-61 CWE-264 CWE-327 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system samba Operating systems & Components / Operating system package or component |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 16 vulnerabilities.
EUVDB-ID: #VU58098
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2124
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to SMB1 client connections can be downgraded to plaintext authentication. A remote attacker can perform a man-in-the-middle attack and downgrade a negotiated SMB1 client connection and its capabitilities.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48269
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-17049
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass authentication process.
The vulnerability exists due to security feature bypass issue in Kerberos. A remote administrator can bypass authentication process and gain unauthorized access to the application.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78991
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20316
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to a race condition. A remote user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU59345
Risk: Low
CVSSv3.1: 2.3 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-43566
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to a symlink race condition when creating directories. A remote authenticated user can use SMB1 or NFS symlink race to create directories on the Unix filesystem outside of the share definition.
Successful exploitation of the vulnerability requites that the user has permissions to create folder in the target directory.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60187
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44141
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to insecure link following. A remote user with ability to write files to the exported part of the file system under a share via SMB1 unix extensions or via NFS can create a symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU60185
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0336
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a local user to impersonate arbitrary services.
The vulnerability exists due to Samba AD DC relies only on SPN (service principals name) to identify services on the network. An attacker with ability to modify SPNs can bypass implemented protection and cause a denial of service condition by adding an SPN that matches an existing service or impersonate services on the network.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU67270
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-1615
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to usage of predictable random values within the GnuTLS gnutls_rnd() function. A remote user can decrypt sensitive information.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65824
Risk: Low
CVSSv3.1: 3.6 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32742
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due memory leak when handling SMB1 requests. A remote user with ability to write data to a file share can force the application to leak memory and gain access to potentially sensitive information.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU67271
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32743
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to Samba does not validate the Validated-DNS-Host-Name for the dNSHostName attribute. A remote attacker can set an arbitrary hostname and perform MitM attack.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU65827
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32746
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error when handling LDAP requests. A remote user with ability to edit privileged properties, such as userAccountControl, can send a specially crafted LDAP request to the server, trigger a use-after-free error and perform a denial of service (DoS) attack.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68701
Risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3437
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. A remote user can send specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68700
Risk: Medium
CVSSv3.1: 4 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3592
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue. A remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS can create symlinks to files outside of the smbd configured share path and access otherwise restricted files on the server.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU69094
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-37966
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Kerberos RC4-HMAC. A remote attacker can conduct a man-in-middle (MiTM) attack, which leads to security restrictions bypass and privilege escalation.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU69104
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-37967
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote administrator to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Kerberos, which leads to security restrictions bypass and privilege escalation.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU69151
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-38023
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to security features bypass in Netlogon RPC. A remote attacker can bypass the Netlogon cryptography feature for signing and sealing traffic during Netlogon authentication.
MitigationUpdate the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70384
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-45141
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication.
The
vulnerability exists due to an error that allows an attacker to force
the server so issue an rc4-hmac ticket encrypted tickets despite the
target server supporting better encryption (eg aes256-cts-hmac-sha1-96).
A remote attacker can perform an offline attack against the ticket
encrypted with rc4-hmac and login as a privileged user.
Update the affected packages:
aarch64:Vulnerable software versions
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-4.17.5-0.amzn2023.0.2.aarch64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-debugsource-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-4.17.5-0.amzn2023.0.2.aarch64
samba-client-libs-4.17.5-0.amzn2023.0.2.aarch64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-test-4.17.5-0.amzn2023.0.2.aarch64
samba-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dcerpc-4.17.5-0.amzn2023.0.2.aarch64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.aarch64
samba-client-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.aarch64
samba-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-4.17.5-0.amzn2023.0.2.aarch64
samba-test-libs-4.17.5-0.amzn2023.0.2.aarch64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
libwbclient-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.aarch64
python3-samba-devel-4.17.5-0.amzn2023.0.2.aarch64
samba-usershares-4.17.5-0.amzn2023.0.2.aarch64
noarch:
samba-common-4.17.5-0.amzn2023.0.2.noarch
samba-pidl-4.17.5-0.amzn2023.0.2.noarch
src:
samba-4.17.5-0.amzn2023.0.2.src
x86_64:
libwbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-4.17.5-0.amzn2023.0.2.x86_64
samba-test-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-4.17.5-0.amzn2023.0.2.x86_64
samba-client-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-4.17.5-0.amzn2023.0.2.x86_64
samba-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-clients-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-debugsource-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-4.17.5-0.amzn2023.0.2.x86_64
samba-common-tools-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-dcerpc-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libsmbclient-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-modules-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-common-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-client-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-test-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-test-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libnetapi-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-4.17.5-0.amzn2023.0.2.x86_64
libwbclient-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-dc-libs-4.17.5-0.amzn2023.0.2.x86_64
samba-ldb-ldap-modules-4.17.5-0.amzn2023.0.2.x86_64
samba-winbind-krb5-locator-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-debuginfo-4.17.5-0.amzn2023.0.2.x86_64
samba-vfs-iouring-4.17.5-0.amzn2023.0.2.x86_64
python3-samba-devel-4.17.5-0.amzn2023.0.2.x86_64
samba-usershares-4.17.5-0.amzn2023.0.2.x86_64
samba-krb5-printing-4.17.5-0.amzn2023.0.2.x86_64
Amazon Linux AMI: All versions
samba: before 4.17.5-0
CPE2.3 External linkshttp://alas.aws.amazon.com/AL2023/ALAS-2023-032.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.