AVG-2648 log

Package	samba
Status	Fixed
Severity	Critical
Type	multiple issues
Affected	4.15.4-1
Fixed	4.15.5-1
Current	4.20.0-3 [extra-testing] 4.20.0-2 [extra]
Ticket	None
Created	Tue Feb 1 17:47:44 2022

Issue	Severity	Remote	Type	Description
CVE-2022-0336	Medium	No	Access restriction bypass	The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the...
CVE-2021-44142	Critical	Yes	Arbitrary code execution	All versions of Samba prior to 4.13.17 are vulnerable to an out-of- bounds heap read write vulnerability that allows remote attackers to execute arbitrary...
CVE-2021-44141	Medium	No	Information disclosure	All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of...

Issue

Severity

Remote

Type

Description

CVE-2022-0336

Medium

Access restriction bypass

The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the...

CVE-2021-44142

Critical

Yes

Arbitrary code execution

All versions of Samba prior to 4.13.17 are vulnerable to an out-of- bounds heap read write vulnerability that allows remote attackers to execute arbitrary...

CVE-2021-44141

Medium

Information disclosure

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of...