Attackers could target vulnerabilities in Samba in order to gain sometimes far-reaching access to systems. Updated versions remedy the situation.
With Samba, Windows functions such as file and printer services are made available across platforms as a domain controller. Due to security problems when handling keys, attackers could change admin passwords, for example. It is also possible to provoke crashes.
Hostile domain takeover
The most dangerous is considered a vulnerability (CVE-2022-32744 “hoch’) affecting the kpasswd service. Attackers could encrypt requests with their own key at this point, which are then accepted. It should also be possible to change the passwords of other users. If this happens to an admin account, it could result in a full domain takeover.
The remaining vulnerabilities are with the threat level “medium“ classified. Attackers could launch DoS attacks or data leaks here. The developers state that the security problems in Samba 4.16.4, 4.15.9 and 4.14.14 to have solved.
List sorted by threat level in descending order:
To home page