CVE-2022-0336

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-0336

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0336.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-0336

Related

Published

2022-08-29T15:15:09Z

Modified

2024-09-18T03:20:48.903695Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity.

References

Affected packages

Alpine:v3.15 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.12-r0

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.4-r0

4.4.5-r0

4.4.5-r1

4.5.1-r0

4.5.3-r0

4.5.3-r1

4.5.4-r0

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.1-r2

4.6.4-r0

4.6.5-r0

4.6.6-r0

4.6.6-r1

4.7.0-r0

4.7.0-r1

4.7.0-r2

4.7.1-r0

4.7.2-r0

4.7.3-r0

4.7.4-r0

4.7.6-r0

4.8.0-r0

4.8.1-r0

4.8.2-r0

4.8.2-r1

4.8.4-r0

4.8.4-r1

4.8.5-r0

4.8.7-r0

4.8.8-r0

4.8.11-r0

4.8.11-r1

4.10.2-r0

4.10.3-r0

4.10.4-r0

4.10.4-r1

4.10.5-r0

4.10.6-r0

4.10.8-r0

4.10.8-r1

4.11.1-r0

4.11.2-r0

4.11.2-r1

4.11.2-r2

4.11.3-r0

4.11.4-r0

4.11.4-r1

4.11.5-r0

4.11.6-r0

4.12.0-r0

4.12.1-r0

4.12.2-r0

4.12.2-r1

4.12.2-r2

4.12.5-r0

4.12.6-r0

4.12.7-r0

4.12.8-r0

4.12.9-r0

4.13.2-r0

4.13.2-r1

4.13.3-r0

4.13.3-r1

4.13.3-r2

4.13.5-r0

4.14.2-r0

4.14.2-r1

4.14.4-r0

4.14.5-r0

4.14.6-r0

4.14.6-r1

4.15.0-r0

4.15.1-r0

4.15.1-r1

4.15.2-r0

4.15.5-r0

Alpine:v3.16 / samba

Package

Name: samba
Purl: pkg:apk/alpine/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.12-r0

Affected versions

3.*

3.2.8-r0

3.2.8-r1

3.2.10-r0

3.2.11-r0

3.2.11-r1

3.3.4-r0

3.3.5-r0

3.3.5-r1

3.3.5-r2

3.3.6-r0

3.3.7-r0

3.3.7-r1

3.3.7-r2

3.3.7-r3

3.3.7-r4

3.3.8-r0

3.4.3-r0

3.4.3-r1

3.4.4-r0

3.4.5-r0

3.4.5-r1

3.4.7-r0

3.4.7-r1

3.5.2-r0

3.5.3-r0

3.5.4-r0

3.5.4-r1

3.5.5-r0

3.5.6-r0

3.5.6-r1

3.5.6-r2

3.5.6-r3

3.5.6-r4

3.5.7-r0

3.5.8-r0

3.5.9-r0

3.5.9-r1

3.5.10-r0

3.5.11-r0

3.6.1-r0

3.6.1-r1

3.6.1-r2

3.6.2-r0

3.6.3-r0

3.6.4-r0

3.6.4-r1

3.6.5-r0

3.6.6-r0

3.6.7-r0

3.6.7-r1

3.6.8-r0

3.6.8-r1

3.6.9-r0

3.6.10-r0

3.6.11-r0

3.6.12-r0

3.6.13-r0

3.6.13-r1

3.6.15-r0

3.6.16-r0

3.6.19-r0

3.6.19-r1

4.*

4.1.0-r1

4.1.0-r2

4.1.1-r0

4.1.2-r0

4.1.3-r0

4.1.3-r1

4.1.3-r2

4.1.4-r0

4.1.5-r0

4.1.5-r1

4.1.6-r0

4.1.7-r0

4.1.8-r0

4.1.9-r0

4.1.10-r0

4.1.11-r0

4.1.12-r0

4.1.13-r0

4.1.14-r0

4.1.14-r1

4.1.15-r0

4.1.16-r0

4.1.17-r0

4.2.0-r0

4.2.0-r1

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.3-r0

4.2.3-r1

4.2.3-r2

4.2.3-r3

4.2.7-r0

4.2.9-r0

4.2.9-r1

4.4.2-r0

4.4.2-r1

4.4.3-r0

4.4.4-r0

4.4.5-r0

4.4.5-r1

4.5.1-r0

4.5.3-r0

4.5.3-r1

4.5.4-r0

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.1-r2

4.6.4-r0

4.6.5-r0

4.6.6-r0

4.6.6-r1

4.7.0-r0

4.7.0-r1

4.7.0-r2

4.7.1-r0

4.7.2-r0

4.7.3-r0

4.7.4-r0

4.7.6-r0

4.8.0-r0

4.8.1-r0

4.8.2-r0

4.8.2-r1

4.8.4-r0

4.8.4-r1

4.8.5-r0

4.8.7-r0

4.8.8-r0

4.8.11-r0

4.8.11-r1

4.10.2-r0

4.10.3-r0

4.10.4-r0

4.10.4-r1

4.10.5-r0

4.10.6-r0

4.10.8-r0

4.10.8-r1

4.11.1-r0

4.11.2-r0

4.11.2-r1

4.11.2-r2

4.11.3-r0

4.11.4-r0

4.11.4-r1

4.11.5-r0

4.11.6-r0

4.12.0-r0

4.12.1-r0

4.12.2-r0

4.12.2-r1

4.12.2-r2

4.12.5-r0

4.12.6-r0

4.12.7-r0

4.12.8-r0

4.12.9-r0

4.13.2-r0

4.13.2-r1

4.13.3-r0

4.13.3-r1

4.13.3-r2

4.13.5-r0

4.14.2-r0

4.14.2-r1

4.14.4-r0

4.14.5-r0

4.14.6-r0

4.14.6-r1

4.15.0-r0

4.15.1-r0

4.15.1-r1

4.15.2-r0

4.15.3-r0

4.15.3-r1

4.15.5-r0

4.15.5-r1

4.15.6-r0

4.15.7-r0

Debian:11 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.13.13+dfsg-1~deb11u3

Affected versions

2:4.*

2:4.13.5+dfsg-2

2:4.13.13+dfsg-1~deb11u1

2:4.13.13+dfsg-1~deb11u2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.16.0+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1a5dc817c0c9379bbaab14c676681b42b0039a3c

Fixed

c58ede44f382bd0125f761f0479c8d48156be400

Affected versions

ldb-1.*

ldb-1.1.0

ldb-1.1.10

ldb-1.1.11

ldb-1.1.12

ldb-1.1.13

ldb-1.1.14

ldb-1.1.15

ldb-1.1.16

ldb-1.1.17

ldb-1.1.18

ldb-1.1.19

ldb-1.1.2

ldb-1.1.20

ldb-1.1.21

ldb-1.1.22

ldb-1.1.23

ldb-1.1.24

ldb-1.1.25

ldb-1.1.26

ldb-1.1.27

ldb-1.1.28

ldb-1.1.29

ldb-1.1.3

ldb-1.1.30

ldb-1.1.31

ldb-1.1.4

ldb-1.1.5

ldb-1.1.6

ldb-1.1.8

ldb-1.1.9

ldb-1.2.0

ldb-1.2.1

ldb-1.2.2

ldb-1.3.0

ldb-1.3.1

ldb-1.3.2

ldb-1.4.0

ldb-1.4.1

ldb-1.5.0

ldb-1.5.1

ldb-1.5.2

ldb-1.6.1

ldb-1.6.2

ldb-1.6.3

ldb-2.*

ldb-2.0.5

ldb-2.1.0

ldb-2.1.1

ldb-2.2.0

ldb-2.4.0

ldb-2.5.0

ldb-2.6.0

samba-4.*

samba-4.0.0alpha10

samba-4.0.0alpha11

samba-4.0.0alpha13

samba-4.0.0alpha14

samba-4.0.0alpha15

samba-4.0.0alpha16

samba-4.0.0alpha17

samba-4.0.0alpha18

samba-4.0.0alpha19

samba-4.0.0alpha20

samba-4.0.0alpha21

samba-4.0.0alpha6

samba-4.0.0alpha7

samba-4.0.0alpha8

samba-4.0.0alpha9

samba-4.0.0beta1

samba-4.0.0beta2

samba-4.0.0beta3

samba-4.0.0beta4

samba-4.0.0beta5

samba-4.0.0beta6

samba-4.0.0beta7

samba-4.0.0beta8

samba-4.0.0rc1

samba-4.10.0rc1

samba-4.11.0rc1

samba-4.12.0rc1

samba-4.13.0rc1

samba-4.14.0rc1

samba-4.15.0rc1

samba-4.16.0rc1

samba-4.2.0rc1

samba-4.3.0rc1

samba-4.4.0rc1

samba-4.5.0rc1

samba-4.6.0rc1

samba-4.7.0rc1

samba-4.8.0rc1

samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0

talloc-2.0.1

talloc-2.0.7

talloc-2.0.8

talloc-2.1.0

talloc-2.1.1

talloc-2.1.10

talloc-2.1.11

talloc-2.1.12

talloc-2.1.13

talloc-2.1.14

talloc-2.1.15

talloc-2.1.16

talloc-2.1.2

talloc-2.1.3

talloc-2.1.4

talloc-2.1.5

talloc-2.1.6

talloc-2.1.7

talloc-2.1.8

talloc-2.1.9

talloc-2.2.0

talloc-2.3.0

talloc-2.3.1

talloc-2.3.2

talloc-2.3.3

tdb-1.*

tdb-1.1.5

tdb-1.2.0

tdb-1.2.1

tdb-1.2.10

tdb-1.2.11

tdb-1.2.12

tdb-1.2.13

tdb-1.3.0

tdb-1.3.1

tdb-1.3.10

tdb-1.3.11

tdb-1.3.12

tdb-1.3.13

tdb-1.3.14

tdb-1.3.15

tdb-1.3.16

tdb-1.3.17

tdb-1.3.18

tdb-1.3.2

tdb-1.3.3

tdb-1.3.4

tdb-1.3.5

tdb-1.3.6

tdb-1.3.7

tdb-1.3.8

tdb-1.3.9

tdb-1.4.0

tdb-1.4.1

tdb-1.4.2

tdb-1.4.3

tdb-1.4.4

tdb-1.4.5

tdb-1.4.6

tevent-0.*

tevent-0.10.0

tevent-0.10.1

tevent-0.10.2

tevent-0.11.0

tevent-0.9.11

tevent-0.9.12

tevent-0.9.13

tevent-0.9.14

tevent-0.9.15

tevent-0.9.16

tevent-0.9.17

tevent-0.9.18

tevent-0.9.19

tevent-0.9.20

tevent-0.9.21

tevent-0.9.22

tevent-0.9.23

tevent-0.9.24

tevent-0.9.25

tevent-0.9.26

tevent-0.9.27

tevent-0.9.28

tevent-0.9.29

tevent-0.9.30

tevent-0.9.31

tevent-0.9.32

tevent-0.9.33

tevent-0.9.34

tevent-0.9.35

tevent-0.9.36

tevent-0.9.37

tevent-0.9.38

tevent-0.9.39

tevent-0.9.8