Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities

News

Dec 17, 2022Ravie LakshmananServer Security / Network Security

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems.

The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022.

Samba is an open source Windows interoperability suite for Linux, Unix, and macOS operating systems that offers file server, printing, and Active Directory services.

CyberSecurity

A brief description of each of the weaknesses is below –

  • CVE-2022-38023 (CVSS score: 8.1) – Use of weak RC4-HMAC Kerberos encryption type in the NetLogon Secure Channel
  • CVE-2022-37966 (CVSS score: 8.1) – An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC
  • CVE-2022-37967 (CVSS score: 7.2) – An elevation of privilege vulnerability in Windows Kerberos
  • CVE-2022-45141 (CVSS score: 8.1) – Use of RC4-HMAC encryption when issuing Kerberos tickets in Samba Active Directory domain controller (AD DC) using Heimdal

It’s worth noting that both CVE-2022-37966 and CVE-2022-37967, which enable an adversary to gain administrator privileges, were first disclosed by Microsoft as part of its November 2022 Patch Tuesday updates.

“An unauthenticated attacker could conduct an attack that could leverage cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment,” the company said of CVE-2022-37966.

The patches also come as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published 41 Industrial Control Systems (ICS) advisories pertaining to various flaws impacting Siemens and Prosys OPC products.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
Why system resilience should mainly be the job of the OS, not just third-party applications
British Hacker Charged in the US For $3.75m Insider Trading Scheme
Cybersecurity Awareness Month needs a radical overhaul – it needs legislation
NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Leave a Reply

Your email address will not be published. Required fields are marked *