{"id":28100,"date":"2022-12-17T11:58:04","date_gmt":"2022-12-17T10:58:04","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=28100"},"modified":"2022-12-17T11:58:18","modified_gmt":"2022-12-17T10:58:18","slug":"multiple-vulnerabilities-cve-2022-38023-cve-2022-37966-cve-2022-37967-cve-2022-45141-in-samba","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/12\/17\/multiple-vulnerabilities-cve-2022-38023-cve-2022-37966-cve-2022-37967-cve-2022-45141-in-samba\/","title":{"rendered":"Multiple vulnerabilities [CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, CVE-2022-45141] in Samba"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/11\/Linux.jpg\" width=\"64\" height=\"76\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/12\/17\/mehrere-sicherheitslcken-cve-2022-38023-cve-2022-37966-cve-2022-37967-cve-2022-45141-in-samba\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]There are serious vulnerabilities in older versions of the Samba software, which provides access from Linux to Windows file and print services. The developers have issued a security advisory as of December 15, 2022, and released corrected versions of Samba that eliminate these vulnerabilities.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/5a8712bc5d434888a4f14d2842a2816a\" alt=\"\" width=\"1\" height=\"1\" \/><a href=\"https:\/\/www.samba.org\/\" target=\"_blank\" rel=\"noopener\">Samba<\/a> is a free program package that allows Microsoft Windows functions such as the file and print services to be used under other operating systems and to assume the role of a domain controller. Among other things, it implements the SMB\/CIFS protocol for this purpose. Especially under Linux, Samba is essential for interacting with Windows over a network.<\/p>\n<h2>Vulnerabilities in Samba<\/h2>\n<p>I just became <a href=\"https:\/\/thehackernews.com\/2022\/12\/samba-issues-security-updates-to-patch.html\" target=\"_blank\" rel=\"noopener\">aware<\/a> of the following issue. Several vulnerabilities have been discovered in the Samba software.<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2022\/12\/samba-issues-security-updates-to-patch.html\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"Samba: CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, CVE-2022-45141\" src=\"https:\/\/i.imgur.com\/SCTFCS3.png\" alt=\"Samba: CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, CVE-2022-45141\" \/><\/a><\/p>\n<p>The Samba developers have posted the relevant security advisory on <a href=\"https:\/\/www.samba.org\/samba\/history\/\" target=\"_blank\" rel=\"noopener\">this release history page<\/a>. In older Samba versions, the following vulnerabilities were discovered and fixed by security updates:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.samba.org\/samba\/security\/CVE-2022-38023.html\" target=\"_blank\" rel=\"noopener\">CVE-2022-38023<\/a>: RC4\/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided<\/li>\n<li><a href=\"https:\/\/www.samba.org\/samba\/security\/CVE-2022-37966.html\" target=\"_blank\" rel=\"noopener\">CVE-2022-37966<\/a>: rc4-hmac Kerberos session keys issued to modern servers<\/li>\n<li><a href=\"https:\/\/www.samba.org\/samba\/security\/CVE-2022-37967.html\" target=\"_blank\" rel=\"noopener\">CVE-2022-37967<\/a>:\u00a0 Kerberos constrained delegation ticket forgery possible against Samba AD DC<\/li>\n<li><a href=\"https:\/\/www.samba.org\/samba\/security\/CVE-2022-45141.html\" target=\"_blank\" rel=\"noopener\">CVE-2022-45141<\/a>: Samba AD DC using Heimdal can be forced to issue rc4-hmac encrypted Kerberos tickets<\/li>\n<\/ul>\n<p>The vulnerabilities are related to RC4 HMAC encryption weaknesses, and Microsoft had patched the Kerberos authentication vulnerabilities in the November 2022 updates. There, the vulnerability was said to be CVE-2022-37966:<\/p>\n<blockquote><p>An unauthenticated attacker could perform an attack that exploits cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment<\/p><\/blockquote>\n<p>The Samba developers are reacting to this development and have released <a href=\"https:\/\/download.samba.org\/pub\/samba\/stable\/samba-4.17.4.tar.gz\" target=\"_blank\" rel=\"noopener\">Samba 4.17.4<\/a>, <a href=\"https:\/\/download.samba.org\/pub\/samba\/stable\/samba-4.16.8.tar.gz\" target=\"_blank\" rel=\"noopener\">4.16.8<\/a> and <a href=\"https:\/\/download.samba.org\/pub\/samba\/stable\/samba-4.15.13.tar.gz\" target=\"_blank\" rel=\"noopener\">4.15.1<\/a>3 as security releases for download. The download addresses of individual patches and the Samba source code are available as GZIP tar archives. Details can be found on <a href=\"https:\/\/www.samba.org\/samba\/history\/\" target=\"_blank\" rel=\"noopener\">this release history page<\/a> and in the linked release notes for the individual vulnerabilities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]There are serious vulnerabilities in older versions of the Samba software, which provides access from Linux to Windows file and print services. The developers have issued a security advisory as of December 15, 2022, and released corrected versions of Samba &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/12\/17\/multiple-vulnerabilities-cve-2022-38023-cve-2022-37966-cve-2022-37967-cve-2022-45141-in-samba\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[921,580,1547,2],"tags":[637,1156,69],"class_list":["post-28100","post","type-post","status-publish","format-standard","hentry","category-linux","category-security","category-software","category-windows","tag-linux","tag-samba","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/28100","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=28100"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/28100\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=28100"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=28100"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=28100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}