Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities
Dec 17, 2022
Server Security / Network Security
Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems. The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141 , have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022. Samba is an open source Windows interoperability suite for Linux, Unix, and macOS operating systems that offers file server, printing, and Active Directory services. A brief description of each of the weaknesses is below - CVE-2022-38023 (CVSS score: 8.1) - Use of weak RC4-HMAC Kerberos encryption type in the Netlogon Secure Channel CVE-2022-37966 (CVSS score: 8.1) - An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC CVE-2022-37967 (CVSS score: 7.2) - An elevation of privilege vulnerability in Windows Kerberos CVE-2022-45141 (CVSS score: 8.1) - Use of...
