14 lines
955 B
JSON
14 lines
955 B
JSON
|
{
|
||
|
|
"id": "openEuler-SA-2023-1018",
|
||
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1018",
|
||
|
|
"title": "An update for samba is now available for openEuler-22.03-LTS",
|
||
|
|
"severity": "Important",
|
||
|
|
"description": "Samba is a suite of programs for Linux and Unix to interoperate with Windows.\r\n\r\nSecurity Fix(es):\r\n\r\nSince the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).(CVE-2022-45141)\r\n\r\nWindows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.(CVE-2022-37966)",
|
||
|
|
"cves": [
|
||
|
|
{
|
||
|
|
"id": "CVE-2022-37966",
|
||
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37966",
|
||
|
|
"severity": "Important"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|