mickmick.net

Samba Multiple Vulnerabilities

Release Date: 3 Apr 2023

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Samba. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, security restriction bypass, and data manipulation on the targeted system.

---

Impact

• Security Restriction Bypass
• Data Manipulation
• Information Disclosure

---

System / Technologies affected

• All versions of Samba since 4.0 prior to 4.16.10, 4.17.7, 4.18.1.

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Samba users running affected versions are advised to upgrade or apply the patch as soon as possible.

• Apply fixes issued by the vendor:
  Patch for Samba 4.16.10
  Patch for Samba 4.17.7
  Patch for Samba 4.18.1

---

Vulnerability Identifier

• CVE-2023-0225
• CVE-2023-0614
• CVE-2023-0922

---

Source

• Samba

---

Related Link

• https://www.samba.org/samba/security/CVE-2023-0225.html
• https://www.samba.org/samba/security/CVE-2023-0614.html
• https://www.samba.org/samba/security/CVE-2023-0922.html