A flaw was found in the way Samba,...... CVE-2020-25719

9.0 AV AC AU C I A
发布: 2022-02-18
修订: 2022-10-21

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.