It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Samba | Samba | 3.0.25 (including) | 4.3.13 (excluding) |
| Samba | Samba | 4.4.0 (including) | 4.4.8 (excluding) |
| Samba | Samba | 4.5.0 (including) | 4.5.3 (excluding) |
| Red Hat Enterprise Linux 6 | RedHat | samba-0:3.6.23-41.el6 | * |
| Red Hat Enterprise Linux 6 | RedHat | samba4-0:4.2.10-9.el6 | * |
| Red Hat Enterprise Linux 7 | RedHat | samba-0:4.4.4-13.el7_3 | * |
| Red Hat Gluster Storage 3.2 for RHEL 6 | RedHat | samba-0:4.4.6-4.el6rhs | * |
| Red Hat Gluster Storage 3.2 for RHEL 7 | RedHat | samba-0:4.4.6-4.el7rhgs | * |
| Samba | Ubuntu | devel | * |
| Samba | Ubuntu | precise | * |
| Samba | Ubuntu | trusty | * |
| Samba | Ubuntu | xenial | * |
| Samba | Ubuntu | yakkety | * |
| Samba | Ubuntu | zesty | * |
| Samba4 | Ubuntu | precise | * |