samba is vulnerable to buffer overflow. The vulnerability exists within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal because GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet causing an application crash.

References

www.openwall.com/lists/oss-security/2023/02/08/1

access.redhat.com/security/cve/CVE-2022-3437

bugzilla.redhat.com/show_bug.cgi?id=2137774

bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-3437

secdb.alpinelinux.org/edge/main.yaml

security.gentoo.org/glsa/202309-06

security.gentoo.org/glsa/202310-06

security.netapp.com/advisory/ntap-20230216-0008/

www.rapid7.com/db/vulnerabilities/samba-cve-2022-3437

www.samba.org/samba/security/CVE-2022-3437.html

freebsd 2

nessus 38

openvas 39

debiancve 2

cbl_mariner 1

cvelist 2

nvd 2

ibm 1

samba 1

f5 1

altlinux 1

slackware 1

osv 11

prion 2

cve 2

vulnrichment 1

redhatcve 2

alpinelinux 2

debian 6

fedora 6

mageia 3

cisa 1

redos 1

ubuntucve 2

cloudfoundry 1

ubuntu 4

freebsd_advisory 1

gentoo 2

rosalinux 1

apple 1

ics 1

avleonov 1

freebsd

samba -- buffer overflow in Heimdal unwrap_des3()

2022-08-02 00:00:00

FreeBSD -- Multiple vulnerabilities in Heimdal

2022-11-15 00:00:00

nessus

Slackware Linux 15.0 / current samba Vulnerability (SSA:2022-298-02)

2022-10-25 00:00:00

Samba 4.0.x < 4.15.11 / 4.16.x < 4.16.6 / 4.17.x < 4.17.2 Buffer Overflow

2022-11-01 00:00:00

EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-1046)

2023-01-05 00:00:00

openvas

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-1046)

2023-01-09 00:00:00

Slackware: Security Advisory (SSA:2022-298-02)

2022-10-26 00:00:00

Samba 4.0 Buffer Overflow Vulnerability (CVE-2022-3437)

2022-10-26 00:00:00

debiancve

CVE-2022-3437

2023-01-12 15:15:10

CVE-2022-45142

2023-03-06 23:15:11

cbl_mariner

CVE-2022-3437 affecting package samba 4.12.5-6

2024-09-30 03:52:42

cvelist

CVE-2022-3437

2023-01-12 00:00:00

CVE-2022-45142

2023-03-06 00:00:00

nvd

CVE-2022-3437

2023-01-12 15:15:10

CVE-2022-45142

2023-03-06 23:15:11

ibm

Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2022-3437)

2023-03-07 16:41:57

samba

Buffer overflow in Heimdal unwrap_des3()

2022-10-25 00:00:00

K000133223 : Samba vulnerability CVE-2022-3437

2023-03-28 00:00:00

altlinux

Security fix for the ALT Linux 10 package samba version 4.16.6-alt1

2022-10-27 00:00:00

slackware

[slackware-security] samba

2022-10-25 18:53:43

osv

CVE-2022-3437

2023-01-12 15:15:10

ctdb-4.17.2+git.273.a55a83528b9-1.1 on GA media

2024-06-15 00:00:00

CVE-2022-45142

2023-03-06 23:15:11

prion

Heap overflow

2023-01-12 15:15:00

Design/Logic Flaw

2023-03-06 23:15:00

cve

CVE-2022-3437

2023-01-12 15:15:10

CVE-2022-45142

2023-03-06 23:15:11

vulnrichment

CVE-2022-3437

2023-01-12 00:00:00

redhatcve

CVE-2022-3437

2022-10-26 14:23:02

CVE-2022-45142

2023-02-09 13:26:48

alpinelinux

CVE-2022-3437

2023-01-12 15:15:10

CVE-2022-45142

2023-03-06 23:15:11

debian

[SECURITY] [DLA 3311-1] heimdal security update

2023-02-08 11:57:40

[SECURITY] [DSA 5344-1] heimdal security update

2023-02-08 12:46:12

[SECURITY] [DSA 5287-1] heimdal security update

2022-11-22 19:58:01

fedora

[SECURITY] Fedora 36 Update: samba-4.16.6-0.fc36

2022-10-27 12:20:52

[SECURITY] Fedora 37 Update: samba-4.17.2-2.fc37

2022-11-10 22:53:16

[SECURITY] Fedora 35 Update: samba-4.15.12-0.fc35

2022-12-02 06:21:54

mageia

Updated heimdal packages fix security vulnerability

2023-03-19 01:16:28

Updated samba packages fix security vulnerability

2023-01-24 10:58:24

Updated heimdal packages fix security vulnerability

2022-12-17 21:48:08

cisa

Samba Releases Security Updates

2022-10-26 00:00:00

redos

ROS-20230324-01

2023-03-24 00:00:00

ubuntucve

CVE-2022-3437

2022-10-27 00:00:00

CVE-2022-45142

2023-02-08 00:00:00

cloudfoundry

USN-5800-1: Heimdal vulnerabilities | Cloud Foundry

2023-02-01 00:00:00

ubuntu

Heimdal vulnerabilities

2023-01-12 00:00:00

Samba vulnerabilities

2023-03-08 00:00:00

Samba vulnerabilities

2023-01-24 00:00:00

freebsd_advisory

FreeBSD-SA-22:14.heimdal

2022-11-15 00:00:00

gentoo

Heimdal: Multiple Vulnerabilities

2023-10-08 00:00:00

Samba: Multiple Vulnerabilities

2023-09-17 00:00:00

rosalinux

Advisory ROSA-SA-2024-2451

2024-07-15 09:04:20

apple

About the security content of macOS Ventura 13

2022-10-24 00:00:00

ics

Siemens SCALANCE XCM-/XRM-300

2024-02-15 12:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.022

Percentile

89.6%

JSON

Related for VERACODE:37819