Updated: 2023-03-10 12:28:07.061403
Description:
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 6.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 8.4 ELS | samba | 4.13.3-5 | 6.5 | MEDIUM | Ignored | 2023-01-23 04:03:06 | |
| CentOS 8.5 ELS | samba | 4.14.5-7 | 6.5 | MEDIUM | Ignored | 2023-01-23 04:03:06 | |
| Ubuntu 16.04 ELS | samba | 4.3.11 | 6.5 | MEDIUM | Released | CLSA-2023:1675372486 | 2023-02-02 20:12:33 |
| Ubuntu 18.04 ELS | samba | 4.7.6 | 6.5 | MEDIUM | Ignored | 2023-03-02 04:04:12 |