search for: unwrap_des3

We have the same issue with Samba 4.13.17. For Ubuntu 20.04 with Samba 4.13.17 there seems to be only a workaround to solve the login problem: Modifying the Local Security Policy -> Local Policies -> Security Options -> Network security: "Configure encryption types allowed for Kerberos" Check only DES_CBC_CRC, DES_CBC_MD5 and RC4_HMAC_MD5. ? This worked for us to login again. ?

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-3437:? There is a limited write heap buffer overflow in the GSSAPI ????????????????? unwrap_des() and unwrap_des3() routines of Heimdal (included ????????????????? in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592:? A malicious client can use a symlink to escape the exported ????????????????? directory. (4.17 only) https://www.samba.org/samba/security/CVE-2022-3592.html C...

Release Announcements --------------------- This are security releases in order to address the following defects: o CVE-2022-3437:? There is a limited write heap buffer overflow in the GSSAPI ????????????????? unwrap_des() and unwrap_des3() routines of Heimdal (included ????????????????? in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592:? A malicious client can use a symlink to escape the exported ????????????????? directory. (4.17 only) https://www.samba.org/samba/security/CVE-2022-3592.html C...

...27 at 10:05 +1300, Andrew Bartlett wrote: > The latest Ubuntu 20.04 update for Samba has the Windows 22H2 > Kerberos issue fix (the windows 11 2038 date issue) > samba (2:4.13.17~dfsg-0ubuntu1.20.04.4) focal-security; > urgency=medium > * SECURITY UPDATE: Buffer overflow in Heimdal unwrap_des3() - > debian/patches/CVE-2022-3437-*.patch - CVE-2022-3437 * SECURITY > UPDATE: Buffer overflow vulnerabilities on 32-bit systems - > debian/patches/CVE-2022-42898-*.patch - CVE-2022-42898 * SECURITY > UPDATE: Samba AD DC can be forced to issue rc4-hmac > encrypted K...