CVE-2022-32743

Name

CVE-2022-32743

Description

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
MISC	https://bugzilla.samba.org/show_bug.cgi?id=14833
MISC	https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/5c578b15-d619-408d-ba17-380714b89fd1
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:samba:samba::::::::`	samba	>= 4.1.0	<= None

Source package	Branch	Version	Maintainer	Status
samba	3.16-main	4.15.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
samba	3.13-main	4.13.17-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
samba	3.14-main	4.14.14-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
samba	3.15-main	4.15.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
samba	3.17-main	4.16.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
samba	edge-main	4.18.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable