CVE-2020-25719
N/A
N/A
Summary
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | samba | samba 4.15.2, samba 4.14.10, samba 4.13.14 | affected |
Weaknesses
- CWE-287: CWE-287
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2019732
- https://www.samba.org/samba/security/CVE-2020-25719.html
- https://security.gentoo.org/glsa/202309-06
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2019732
- https://www.samba.org/samba/security/CVE-2020-25719.html
- https://security.gentoo.org/glsa/202309-06
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.