MGASA-2023-0127 - Updated ldb/samba packages fix security vulnerability Publication date: 06 Apr 2023 URL: https://advisories.mageia.org/MGASA-2023-0127.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-0225 Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users (CVE-2023-0225) Read access controlled AD LDAP attributes (CVE-2023-0614) Cleartext password sending by AD DC admin tool (CVE-2023-0922) References: - https://bugs.mageia.org/show_bug.cgi?id=31735 - https://www.samba.org/samba/security/CVE-2023-0225.html - https://www.samba.org/samba/security/CVE-2023-0922.html - https://www.samba.org/samba/security/CVE-2023-0614.html - https://lists.suse.com/pipermail/sle-security-updates/2023-March/014245.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0225 SRPMS: - 8/core/ldb-2.5.3-1.mga8 - 8/core/samba-4.16.10-1.mga8
Mageia 2023-0127: ldb/samba security update
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users (CVE-2023-0225) Read access controlled AD LDAP attributes (CVE-2023-0614) Cleartext password sending b...
Summary
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated
users (CVE-2023-0225)
Read access controlled AD LDAP attributes (CVE-2023-0614)
Cleartext password sending by AD DC admin tool (CVE-2023-0922)
References
- https://bugs.mageia.org/show_bug.cgi?id=31735
- https://www.samba.org/samba/security/CVE-2023-0225.html
- https://www.samba.org/samba/security/CVE-2023-0922.html
- https://www.samba.org/samba/security/CVE-2023-0614.html
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014245.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0225
Resolution
MGASA-2023-0127 - Updated ldb/samba packages fix security vulnerability
SRPMS
- 8/core/ldb-2.5.3-1.mga8
- 8/core/samba-4.16.10-1.mga8
Severity
Publication date: 06 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0127.html
Type: security
CVE: CVE-2023-0225
News
HOWTOs
About Us
Powered By
