CVE-2023-0225

Name

CVE-2023-0225

Description

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://www.samba.org/samba/security/CVE-2023-0225.html
CONFIRM	https://security.netapp.com/advisory/ntap-20230406-0007/
GENTOO	https://security.gentoo.org/glsa/202309-06

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:samba:samba:4.18.0:-::::::`	samba	== None	== 4.18.0
`cpe:2.3:a:samba:samba::::::::`	samba	>= 4.17.0	<= 4.17.7

References

Match rules

Vulnerable and fixed packages