Showing 1 - 3 of 3

CVE-2019-14870

Status Candidate

Overview

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.

Related Files

Gentoo Linux Security Advisory 202003-52: Posted Mar 26, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202003-52 - Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Versions less than 4.11.6 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139, CVE-2018-1140, CVE-2018-14629, CVE-2018-16841, CVE-2018-16851, CVE-2018-16852, CVE-2018-16853, CVE-2018-16857, CVE-2018-16860, CVE-2019-10197, CVE-2019-14861, CVE-2019-14870, CVE-2019-14902, CVE-2019-14907, CVE-2019-19344; SHA-256 | 78ecd3bc02b0f10129021084736ee7cc0c9408898c589745d90193370efe75aa; Download | Favorite | View

Ubuntu Security Notice USN-4217-2: Posted Dec 12, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4217-2 - USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, denial of service, vulnerability; systems | linux, ubuntu; advisories | CVE-2019-14861, CVE-2019-14870; SHA-256 | 6db26f2e489f1384d2f218d9e2544521385fb447c71f37e016d74825ac3f8bbb; Download | Favorite | View

Ubuntu Security Notice USN-4217-1: Posted Dec 10, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4217-1 - Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. Isaac Boukris discovered that Samba did not enforce the Kerberos DelegationNotAllowed feature restriction, contrary to expectations.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2019-14861, CVE-2019-14870; SHA-256 | 51b01c1767b0bdb132c8d865c0a4fae6ca8ba99c8b662d627473d2bc026ba909; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 224 files
Ubuntu 103 files
Debian 19 files
indoushka 18 files
Gentoo 14 files
Google Security Research 13 files
CraCkEr 10 files
Mirabbas Agalarov 9 files
nu11secur1ty 8 files
Apple 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,754)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,806)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,328)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,638)
UNIX (9,237)
UnixWare (186)
Windows (6,555)
Other

CVE-2019-14870

Overview

Related Files

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems