vulnerability
Huawei EulerOS: CVE-2022-3437: samba security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Jan 12, 2023 | Feb 13, 2023 | Jan 28, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Jan 12, 2023
Added
Feb 13, 2023
Modified
Jan 28, 2025
Description
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
Solution(s)
huawei-euleros-2_0_sp10-upgrade-libsmbclienthuawei-euleros-2_0_sp10-upgrade-libwbclienthuawei-euleros-2_0_sp10-upgrade-sambahuawei-euleros-2_0_sp10-upgrade-samba-clienthuawei-euleros-2_0_sp10-upgrade-samba-commonhuawei-euleros-2_0_sp10-upgrade-samba-common-toolshuawei-euleros-2_0_sp10-upgrade-samba-libshuawei-euleros-2_0_sp10-upgrade-samba-winbindhuawei-euleros-2_0_sp10-upgrade-samba-winbind-clientshuawei-euleros-2_0_sp10-upgrade-samba-winbind-modules
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.