Authentication Bypass by Spoofing Affecting samba package, versions [0,]
Snyk CVSS
Attack Complexity
Low
Confidentiality
High
Integrity
High
Availability
High
Threat Intelligence
EPSS
0.1% (43rd
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-UNMANAGED-SAMBA-2961658
- published 28 Jul 2022
- disclosed 27 Jul 2022
- credit Joseph Sutton of Catalyst
Introduced: 27 Jul 2022
CVE-2022-32744 Open this link in a new tabHow to fix?
A fix was pushed into the master
branch but not yet published.
Overview
Affected versions of this package are vulnerable to Authentication Bypass by Spoofing. The KDC accepts kpasswd
requests encrypted with any key known to it. By encrypting forged kpasswd
requests with its own key, a user can change other users' passwords, enabling full domain takeover.
Workarounds:
kpasswd
is not a critical protocol for the AD DC in most installations, it can be disabled by setting kpasswd port = 0
in the smb.conf
.