vulnerability

Oracle Linux: CVE-2022-38023: ELSA-2023-1090: samba security update (IMPORTANT) (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
2022-12-16
Added
2023-02-22
Modified
2025-01-07

Description

Netlogon RPC Elevation of Privilege Vulnerability
A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detected.

Solution(s)

oracle-linux-upgrade-ctdboracle-linux-upgrade-ctdb-testsoracle-linux-upgrade-libsmbclientoracle-linux-upgrade-libsmbclient-develoracle-linux-upgrade-libwbclientoracle-linux-upgrade-libwbclient-develoracle-linux-upgrade-python3-sambaoracle-linux-upgrade-python3-samba-testoracle-linux-upgrade-sambaoracle-linux-upgrade-samba-clientoracle-linux-upgrade-samba-client-libsoracle-linux-upgrade-samba-commonoracle-linux-upgrade-samba-common-libsoracle-linux-upgrade-samba-common-toolsoracle-linux-upgrade-samba-dcoracle-linux-upgrade-samba-dc-libsoracle-linux-upgrade-samba-develoracle-linux-upgrade-samba-krb5-printingoracle-linux-upgrade-samba-libsoracle-linux-upgrade-samba-pidloracle-linux-upgrade-samba-pythonoracle-linux-upgrade-samba-python-testoracle-linux-upgrade-samba-testoracle-linux-upgrade-samba-test-libsoracle-linux-upgrade-samba-vfs-glusterfsoracle-linux-upgrade-samba-vfs-iouringoracle-linux-upgrade-samba-winbindoracle-linux-upgrade-samba-winbind-clientsoracle-linux-upgrade-samba-winbind-krb5-locatororacle-linux-upgrade-samba-winbind-modulesoracle-linux-upgrade-samba-winexe

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today