Search for packages
| purl | pkg:alpm/archlinux/samba@4.17.4-4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4y3f-523m-aaak
Aliases: CVE-2022-45141 |
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). |
Affected by 0 other vulnerabilities. |
|
VCID-djmc-t9ae-aaap
Aliases: CVE-2022-38023 |
Netlogon RPC Elevation of Privilege Vulnerability. |
Affected by 0 other vulnerabilities. |
|
VCID-m9ne-ccbr-aaak
Aliases: CVE-2022-3437 |
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. |
Affected by 0 other vulnerabilities. |
|
VCID-qr91-uuuy-aaas
Aliases: CVE-2022-42898 |
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug." |
Affected by 0 other vulnerabilities. |
|
VCID-vpyw-hewy-aaap
Aliases: CVE-2022-37966 |
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability. |
Affected by 0 other vulnerabilities. |
|
VCID-x7df-8cm1-aaaj
Aliases: CVE-2022-37967 |
Windows Kerberos Elevation of Privilege Vulnerability. |
Affected by 0 other vulnerabilities. |
|
VCID-xkcz-7qfm-aaab
Aliases: CVE-2022-3492 |
A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-210772. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:00.662352+00:00 | Arch Linux Importer | Affected by | VCID-m9ne-ccbr-aaak | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.631195+00:00 | Arch Linux Importer | Affected by | VCID-xkcz-7qfm-aaab | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.600854+00:00 | Arch Linux Importer | Affected by | VCID-vpyw-hewy-aaap | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.571838+00:00 | Arch Linux Importer | Affected by | VCID-x7df-8cm1-aaaj | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.541838+00:00 | Arch Linux Importer | Affected by | VCID-djmc-t9ae-aaap | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.512835+00:00 | Arch Linux Importer | Affected by | VCID-qr91-uuuy-aaas | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2025-03-28T07:44:00.485903+00:00 | Arch Linux Importer | Affected by | VCID-4y3f-523m-aaak | https://security.archlinux.org/AVG-2828 | 36.0.0 |
| 2024-09-18T01:59:09.014298+00:00 | Arch Linux Importer | Affected by | VCID-m9ne-ccbr-aaak | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.992630+00:00 | Arch Linux Importer | Affected by | VCID-xkcz-7qfm-aaab | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.969183+00:00 | Arch Linux Importer | Affected by | VCID-vpyw-hewy-aaap | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.944747+00:00 | Arch Linux Importer | Affected by | VCID-x7df-8cm1-aaaj | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.919958+00:00 | Arch Linux Importer | Affected by | VCID-djmc-t9ae-aaap | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.894900+00:00 | Arch Linux Importer | Affected by | VCID-qr91-uuuy-aaas | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-09-18T01:59:08.869647+00:00 | Arch Linux Importer | Affected by | VCID-4y3f-523m-aaak | https://security.archlinux.org/AVG-2828 | 34.0.1 |
| 2024-01-03T22:25:26.908546+00:00 | Arch Linux Importer | Affected by | VCID-m9ne-ccbr-aaak | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.886331+00:00 | Arch Linux Importer | Affected by | VCID-xkcz-7qfm-aaab | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.864583+00:00 | Arch Linux Importer | Affected by | VCID-vpyw-hewy-aaap | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.840875+00:00 | Arch Linux Importer | Affected by | VCID-x7df-8cm1-aaaj | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.819166+00:00 | Arch Linux Importer | Affected by | VCID-djmc-t9ae-aaap | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.797613+00:00 | Arch Linux Importer | Affected by | VCID-qr91-uuuy-aaas | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |
| 2024-01-03T22:25:26.777434+00:00 | Arch Linux Importer | Affected by | VCID-4y3f-523m-aaak | https://security.archlinux.org/AVG-2828 | 34.0.0rc1 |