---

CVE-2022-32744 - log back

CVE-2022-32744 edited at 28 Jul 2022 09:37:18
Notes	+ kpasswd is not a critical protocol for the AD DC in most installations, it can be disabled by setting "kpasswd port = 0" in the smb.conf.

CVE-2022-32744 edited at 28 Jul 2022 09:33:51
Severity	- Unknown + High

CVE-2022-32744 edited at 28 Jul 2022 09:33:07
Remote	- Unknown + Remote
Type	- Unknown + Authentication bypass
Description	+ Samba AD users can forge password change requests for any user.
References	+ https://www.samba.org/samba/security/CVE-2022-32744.html
Notes

CVE-2022-32744 created at 28 Jul 2022 06:59:34