发布时间: 2021年12月11日
修改时间: 2021年12月11日
A flaw was discovered in the way that Samba, as an AD domain controller, implements Kerberos name-based authentication. If Samba AD DC does not strictly require Kerberos PAC and always uses the SID found in it, it may not be able to distinguish the user represented by the credential.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | |
| Attack Vector | Network | |
| CVSS评分 | 7.2 | |
| Attack Complexity | Low | |
| Privileges Required | High | |
| Scope | Unchanged | |
| Integrity | High | |
| User Interaction | None | |
| Availability | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2021-1460 | samba security update | 2021年12月10日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | samba | Fixed |
