vulnerability

Oracle Linux: CVE-2022-38023: ELSA-2023-0838: samba security update (IMPORTANT) (Multiple Advisories)

Try Surface Command
Back to search
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 16, 2022
Added
Feb 22, 2023
Modified
Dec 3, 2025

Description

Netlogon RPC Elevation of Privilege Vulnerability
A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between the samba client and server to craft data with the same MD5 calculation and replace it without being detected.

Solutions

oracle-linux-upgrade-ctdboracle-linux-upgrade-ctdb-testsoracle-linux-upgrade-libsmbclientoracle-linux-upgrade-libsmbclient-develoracle-linux-upgrade-libwbclientoracle-linux-upgrade-libwbclient-develoracle-linux-upgrade-python3-sambaoracle-linux-upgrade-python3-samba-testoracle-linux-upgrade-sambaoracle-linux-upgrade-samba-clientoracle-linux-upgrade-samba-client-libsoracle-linux-upgrade-samba-commonoracle-linux-upgrade-samba-common-libsoracle-linux-upgrade-samba-common-toolsoracle-linux-upgrade-samba-dcoracle-linux-upgrade-samba-dc-libsoracle-linux-upgrade-samba-develoracle-linux-upgrade-samba-krb5-printingoracle-linux-upgrade-samba-libsoracle-linux-upgrade-samba-pidloracle-linux-upgrade-samba-pythonoracle-linux-upgrade-samba-python-testoracle-linux-upgrade-samba-testoracle-linux-upgrade-samba-test-libsoracle-linux-upgrade-samba-vfs-glusterfsoracle-linux-upgrade-samba-vfs-iouringoracle-linux-upgrade-samba-winbindoracle-linux-upgrade-samba-winbind-clientsoracle-linux-upgrade-samba-winbind-krb5-locatororacle-linux-upgrade-samba-winbind-modulesoracle-linux-upgrade-samba-winexe

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today