7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%
It was discovered that Samba incorrectly handled Winbind NTLM
authentication responses. An attacker could possibly use this issue to
cause Samba to crash, resulting in a denial of service. (CVE-2022-2127)
Andreas Schneider discovered that Samba incorrectly enforced SMB2 packet
signing. A remote attacker could possibly use this issue to obtain or
modify sensitive information. This issue only affected Ubuntu 23.04.
(CVE-2023-3347)
Florent Saudel and Arnaud Gatignolof discovered that Samba incorrectly
handled certain Spotlight requests. A remote attacker could possibly use
this issue to cause Samba to consume resources, leading to a denial of
service. (CVE-2023-34966, CVE-2023-34967)
Ralph Boehme and Stefan Metzmacher discovered that Samba incorrectly
handled paths returned by Spotlight requests. A remote attacker could
possibly use this issue to obtain sensitive information. (CVE-2023-34968)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.04 | noarch | samba | < 2:4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | ctdb | < 2:4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | ctdb-dbgsym | < 2:4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | ldb-tools | < 2:2.6.2+samba4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | ldb-tools-dbgsym | < 2:2.6.2+samba4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | libldb-dev | < 2:2.6.2+samba4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | libldb2 | < 2:2.6.2+samba4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | libldb2-dbgsym | < 2:2.6.2+samba4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | libnss-winbind | < 2:4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
Ubuntu | 23.04 | noarch | libnss-winbind-dbgsym | < 2:4.17.7+dfsg-1ubuntu1.1 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%